We are trying to ascertain if the Sophos virus definition files contain a definition for Drovorub (or drovorun) Malware. It's Linux malware. This is not a zero day vulnerability. We need proof that we are being protected. I contacted Sophos support via ticket and the ticket was closed with the statement that I would have go to Sophos Labs. The lab site needs a file or a hash value of a sample of the malware. I called and was told there was no way to look up the malware by the name and I would have to submit a hash value or a sample of the malware.
We don't have one so I can't comply. We are running Sophos Enterprise Console 5.5.1.
Does anyone have any suggestions on who I can contact to find out what is in the virus definition files and if we are indeed protected from Drovorub (or drovorun) Malware for our Linux systems?
Could you please confirm if you have already submitted samples to our Sophos labs? Please PM me the case number that you have registered.