« previous next »
Pages: [1]   Go Down

Author Topic: Given as clean, while vulnerable and a PHISH!  (Read 939 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33938
  • malware fighter
Given as clean, while vulnerable and a PHISH!
« on: March 12, 2018, 05:34:35 PM »
See:  https://urlscan.io/result/f7d84bb0-71e5-488e-b446-bb6b47e8c501#summary
Re: https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=34.206.57.115%2Ferrorpbx2&ref_sel=GSP2&ua_sel=ff&fs=1
Threat Name: Web Attack: Fake Tech Support Website 42
Location: -http://34.206.57.115/errorpbx1/main1/index.html?n=1-888-479-4333
PHISHING attack site:
Location: h-ttp://34.206.57.115/errorpbx1
Error
Quote
  -34.206.57.115/errorpbx2/chrome-assests/iframe.js benign[nothing detected] (script) 34.206.57.115/errorpbx2/chrome-assests/iframe.js
          info: [iframe] -34.206.57.115/errorpbx2/chrome-assests/report.php
     info: [decodingLevel=0] found JavaScript
     error: line:3: SyntaxError: missing ; before statement:
          error: line:3: 1-888-550-7513.addEventListener('resize', function(){
          error: line:3: ..........^   
Quote
-www.googletagmanager.com/gtag/js?id=UA-92680412-3
     info: [decodingLevel=0] found JavaScript
     error: line:129: SyntaxError: unterminated string literal:
          error: line:129:                          document.getElementById('fa').innerHTML = "<iframe src='#' width='12' height='12' style='position: absolute;
          error: line:129: ..................................................................................^
     error: line:18: SyntaxError: missing } in XML expression:
          error: line:18:      window.location.href = "./main1/index.html?n=1-888-439-6777";
          error: line:18: ....................................................................^
 found JavaScript
     error: line:129: SyntaxError: unterminated string literal:
          error: line:129:                          document.getElementById('fa').innerHTML = "<iframe src='#' width='12' height='12' style='position: absolute;
          error: line:129: ..................................................................................^
     error: line:18: SyntaxError: missing } in XML expression:
          error: line:18:      window.location.href = "./main1/index.html?n=1-888-439-6777";
          error: line:18: ................................................
Re: http://www.domxssscanner.com/scan?url=http%3A%2F%2F34.206.57.115%2Ferrorpbx2%2F

1 vuln. library flagged: https://retire.insecurity.today/#!/scan/728d9d604ce807b846bc55767c1c4f425bba7540fb8f011489bba790a696c72d

Missed detection: https://www.virustotal.com/#/url/cf3f6636f8a0e6e1a1ee8d4caac0b8aeab9dbe4b6fe72386eb2bb139eae3440c/detection

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »