Skip to main content
bvasilev's profile



176 Messages


7.1K Points

Sat, Feb 6, 2021 9:38 PM

Trend Micro Reclassifies Malware Links as Safe.


I was going to report this issue a while ago and feel now is the right time.

There is a reclassification portal where business and home users can submit reclassification requests.

The issue here is that it reclassifies links leading to malware payload as safe quite frequently.

The latest instance of this occurrence was minutes ago.

I have submitted a request to reclassify a link I have extracted from malicious Aggah/Haggah script, which is this (please see highlighted in screenshot):

The link allows the downloader to obtain a secondary payload, in this case AsyncRAT.

About 10 minutes later, I got an email back that the site is categorised as safe and associated with computers/internet.

Apparently my comment on where I got the site from and why it is dangerous hasn't been read, but rather the site has been scanned for viruses (the payload is not detected and so is the original script).