Author Topic: SpyEye site not blocked?  (Read 2307 times)


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34057
  • malware fighter
SpyEye site not blocked?
« on: March 20, 2014, 07:00:39 PM »
See: http://urlquery.net/report.php?id=1395337519141
Flagged: https://www.virustotal.com/nl/url/c7e06d245ee6095a494521dab8e541df59ac5ab921c92c45b5618bb5f602b023/analysis/1395337476/
winnerawan dot com,210.247.249.58,iix1.cybergiganetwork dot com,Parked/expired,
Detected by Bitdefender TrafficLight.
How did it get an 80% trust score here, then: http://www.scamadviser.com/is-winnerawan.com-a-fake-site.html  ????
See: http://fetch.scritch.org/%2Bfetch/?url=winnerawan.com&useragent=Fetch+useragent&accept_encoding=
Not blocked by avast!
Internal site error detected here: http://sitecheck.sucuri.net/scanner/?scan=http%3A%2F%2Fwinnerawan.com%2Fxmlrpc.php
Potentially suspicious file from Quttera's: /wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?rev=4.0.5&ver=3.6
Severity:    Potentially Suspicious
Reason:    Suspicious JavaScript code injection.
Details:   Procedure: + has been called with a string containing hidden JavaScript code <script> videojs.options.flash.swf = "video-js.swf";</script>.
Threat dump:   http://ddecode.com/hexdecoder/?results=4dc493223592d7193e7b98c9624c1aa6
Threat dump MD5:    C78040B3052991387DAA016D90FE8F7D
File size[byte]:    71799
File type:    ASCII
MD5:    05399BF5B292DD79293ADABB223E9C1A
Scan duration[sec]:    3.820000
see: http://labs.sucuri.net/db/malware/500-error?v1

ThreatSTOP alert -> Threat seen    84 min ago   Taiwan  threat danger level 1

pol
« Last Edit: March 20, 2014, 07:04:11 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Secondmineboy

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3645
Re: SpyEye site not blocked?
« Reply #1 on: March 20, 2014, 07:07:10 PM »
Not blocked by Avast. ;)
Windows 10 1909, 4 GB DDR3 RAM, 500 GB 5400 RPM HDD, 1366 by 768 LCD Screen, Intel Core i3 5010U Dual Core, Intel HD Graphics 5500
HUAWEI P30 Pro. Android 10

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76014
    • >>>  Avast Forum - German-language section  <<<
Re: SpyEye site not blocked?
« Reply #2 on: March 20, 2014, 07:19:44 PM »
Not blocked by Avast. ;)

Well, Pol said so. Did you read his post..!??
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast need-to-know (downloads, guides & info): https://forum.avast.com/index.php?topic=60523.0

Offline polonus

Re: SpyEye site not blocked?
« Reply #3 on: March 20, 2014, 10:44:14 PM »
This is certainly an evil site, so should be blocked i.m.h.o. -> http://urlquery.net/report.php?id=1395346749527
Reported to base at virusATavastDOTcom.

pol
« Last Edit: March 20, 2014, 10:51:30 PM by polonus »

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6669
  • volunteer
Re: SpyEye site not blocked?
« Reply #4 on: March 24, 2014, 02:08:05 AM »
This is certainly an evil site, so should be blocked i.m.h.o. -> http://urlquery.net/report.php?id=1395346749527
Reported to base at virusATavastDOTcom.

pol

Now it is detected by Avast


Offline polonus

Re: SpyEye site not blocked? [SOLVED]
« Reply #5 on: March 24, 2014, 02:52:17 PM »
Good, it has been added to Avast detection. We are being protected against it.

polonus