Sunbelt is using Symantec in-house


This is quite old (it has been sitting in my to-do list for a while) but still fun:

What can screenshots reveal about your company? This blog posting from the Sunbelt blog from Friday, November 16, 2007 entitled Some new twists in the Storm worm contains the screenshot which can be seen below with the obfuscated javascript code:

stormworm1238888

When I looked at the screenshot I saw the peculiar structure towards the top of the page (the first "script" block) and did some searching around. It turns out that this structure is added by ad-blocking code present in some Symantec products as documented on their website. This means that probably whoever made the screenshot at Sunbelt was using Symantec’s AV on their system. Interesting to know :-).


Leave a Reply

Your email address will not be published.