Avast WEBforum

Other => Viruses and worms => Topic started by: Dee45323 on March 15, 2021, 01:04:21 PM

Title: threat secured pop up - each time when using chrome
Post by: Dee45323 on March 15, 2021, 01:04:21 PM
Hi All,

I seem to have been infected by malware by clicking on a dodgy link. I seem to get a threat secured pop-up each time when using Chrome - see attached.

I have run multiple full scans and still get the same problem.

I have even tried a fresh install of Win 10, and reinstalled Chrome, and the issue has come back.

I only have an ad blocker extension installed on Chrome / cleared history / cache.

Please help.

Thank you
Title: Re: threat secured pop up - each time when using chrome
Post by: polonus on March 15, 2021, 05:33:38 PM
See here: https://otx.alienvault.com/indicator/domain/paypal-eu-cdn.cloudiq.com
and risk of phishing: https://www.riskiq.com/lookup/?s=paypal-eu-cdn.cloudiq.com

Not flagged here: https://www.scamadviser.com/check-website/paypal-eu-cdn.cloudiq.com

Wait for a final verdict from the Avast team on whether this is a legit alert.

polonus
Title: Re: threat secured pop up - each time when using chrome
Post by: Dee45323 on March 15, 2021, 05:44:14 PM
Thank you for your response - why is Chrome trying to redirect me to that URL? I seem to get that Avast pop-up each time I am using Chrome - I am not manually navigating to the URL.

Title: Re: threat secured pop up - each time when using chrome
Post by: polonus on March 15, 2021, 06:52:13 PM
Probably while redirecting there because of a Browser Hijacker.
Do not forget that your connection on hxtp://paypal-eu-cdn.cloudiq.com/ is not secure.
Website is insecure by default
100% of the trackers on this site could be protecting you from NSA snooping. Tell -cloudiq.com to fix it.

This info-stealer trojan:
Short Description: A dangerous malware which can steal sensitive information from infected systems.
Symptoms: Infected users may not notice any particular symptoms, as the info-stealer is installed silently.
Distribution Method: Through phishing emails, through exploit kits, and comes bundled with legitimate software.

Consider DOM-XSS issues from scanning URL: htxps://resources.blogblog.com/blogblog/data/res/149390559-indie_compiled.js
Number of sources found: 129
Number of sinks found: 14 running on ssfe (runs also on the paypal-eu-etc. website, all owned by Google).

It is all malicious activity going on and abuse of the Google network.
Didn't you update and patch Google Chrome to the latest version? There was a serious bug.

You could wait for the help of a qualified remover, or address this at the MBAM forums and seek one there
to help you get rid of that info-stealer.

It comes down to a cleansing routine: going into safe mode, then looking for the malware app/program and removing it,
and then cleansing the computer of malicious registry entries. But this is all best performed under the guidance of a qualified
malware remover.

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)






Title: Re: threat secured pop up - each time when using chrome
Post by: aubnic08 on April 02, 2021, 10:00:21 PM
Hi, I had the same thing with Chrome, it's just I had BV:GreatGame-B (trj). It got into 2 of our PCs.
Title: Re: threat secured pop up - each time when using chrome
Post by: polonus on April 03, 2021, 12:42:32 PM
Try to reset Google Chrome completely and remove questionable extensions.
Or remove Google Chrome and re-download.

This is why I use ungoogle chrome without an active Google Chrome account.
Downloaded and dragged recommended extensions into it after installing Google webshop separately.
And use Clear URLs, Local CDN (0) extensions, so all external scripts are rescripted locally, far less tracking.

polonus