Avast WEBforum

Other => Viruses and worms => Topic started by: Nicolas40 on November 22, 2022, 11:15:36 AM

Title: False positive on a crypto website
Post by: Nicolas40 on November 22, 2022, 11:15:36 AM
Phishing false positive for hxtps://beta.swaap.finance/

I know crypto doesn't have a good reputation ;) but this website is absolutely not a phishing one and we are working hard with the community to build something safe and even useful.

Can someone explain why it would be detected as positive? What could we do in code or infra to avoid this on Avast or others?
On the tech side, we use React and deploy with Netlify, as lean as it can be.

Title: Re: False positive on a crypto website
Post by: Milos on December 01, 2022, 02:06:46 PM
Hello,
use the form: https://www.avast.com/false-positive-file-form.php, please.

Thanks,
Milos

Title: Re: False positive on a crypto website
Post by: polonus on December 01, 2022, 02:55:28 PM
This is an FP.

Mind this, however:

Hardening Improvements
Protection
No website application firewall detected. Please install a cloud-based WAF to prevent website hacks and DDoS attacks.

Security Headers
Missing security header for ClickJacking Protection. Alternatively, you can use Content-Security-Policy: frame-ancestors 'none'.

Missing security header to prevent Content Type sniffing.

Missing Content-Security-Policy directive. We recommend to add the following CSP directives (you can use default-src if all values are the same): script-src, object-src, base-uri, frame-src

(source: sucuri dot net)

Here they slightly differ in opinion, but not fundamentally,
see: https://urlscan.io/result/7268460b-71ae-4f2e-a7bb-1917e179f11f/
Re: https://sitereport.netcraft.com/?url=http://beta.swaap.finance
Also consider: https://urlscan.io/search/#domain:%22api.coingecko.com%22
(server Netlify uses Snyk as a security-plug-in)
Also see: https://urlscan.io/result/fe7f15df-e091-40c8-8864-d186500ca609/

Phishing against Uniswap, but not reaching a final verdict: Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

So do as Avast's Milos proposes.

polonus
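
The header findings quoted in the post above (clickjacking protection, content-type sniffing, CSP directives), as an added example that is not part of the original thread or any poster's code: a small Node.js check that reports which of them a given set of response headers still triggers. The function names and both sample header sets are constructed for illustration, and the fallback table follows the CSP specification, under which `base-uri` has no `default-src` fallback.

```javascript
// Parse a Content-Security-Policy value into { directive: [sources] }.
function parseCsp(value) {
  const policy = Object.create(null);
  for (const part of (value || "").split(";")) {
    const [name, ...sources] = part.trim().split(/\s+/);
    const key = name.toLowerCase();
    // A repeated directive is ignored by browsers; the first occurrence wins.
    if (key && !(key in policy)) policy[key] = sources;
  }
  return policy;
}

// Directives the report names, each with its fallback chain.
// base-uri has no default-src fallback, so it must be set explicitly.
const FALLBACKS = {
  "script-src": ["default-src"],
  "object-src": ["default-src"],
  "frame-src": ["child-src", "default-src"],
  "base-uri": [],
};

function auditHeaders(rawHeaders) {
  // Header names are case-insensitive, so normalise before lookup.
  const h = {};
  for (const [k, v] of Object.entries(rawHeaders)) h[k.toLowerCase()] = String(v);
  const csp = parseCsp(h["content-security-policy"]);
  const findings = [];

  const xfo = (h["x-frame-options"] || "").trim().toUpperCase();
  if (!["DENY", "SAMEORIGIN"].includes(xfo) && !("frame-ancestors" in csp))
    findings.push("clickjacking: no X-Frame-Options or CSP frame-ancestors");

  if ((h["x-content-type-options"] || "").trim().toLowerCase() !== "nosniff")
    findings.push("sniffing: X-Content-Type-Options is not nosniff");

  for (const [dir, chain] of Object.entries(FALLBACKS))
    if (![dir, ...chain].some((d) => d in csp))
      findings.push(`csp: ${dir} not set and no fallback directive present`);
  return findings;
}

// Constructed samples: a bare response and one carrying the recommended headers.
const bare = { "Content-Type": "text/html" };
const hardened = {
  "X-Content-Type-Options": "nosniff",
  "Content-Security-Policy": "default-src 'self'; base-uri 'self'; frame-ancestors 'none'",
};
console.log(auditHeaders(bare)); // six findings
console.log(auditHeaders(hardened)); // []
```

On Netlify, response headers such as these are set through a `_headers` file or the `[[headers]]` section of `netlify.toml`.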