Customised XXS-malware on website - Emsisoft detects Trojan.Generic.8598541 (B)
polonus (Avast Überevangelist), on: June 28, 2015, 06:15:39 PM
See: http://killmalware.com/guttersolutionsnw.com/#
Malware Script Detector blocks here: htxp://guttersolutionsnw.com/wp-content/plugins/cherry-plugin/lib/js/elasti-carousel/jquery.elastislide.js
Much wrong on this website: WordPress Version 3.8.8
Version does not appear to be latest 4.2.2 - update now.
The following plugins were detected by reading the HTML source of the WordPress sites front page.
fancier-author-box 1.3.2 latest release (1.4) Update required
-https://wordpress.org/plugins/fancier-author-box/
sliding-contact-form-by-formget 2.5 latest release (2.5)
-http://www.formget.com
cherry-plugin
seo-facebook-comments 1.5.2 latest release (1.5.2)
-http://www.plulz.com
font-awesome 3.2.1 latest release (3.2.1)
-http://www.rachelbaker.me
social-media-widget 4.0.2 latest release (4.0.3) Update required
-http://wordpress.org/extend/plugins/social-media-widget/
wordpress-seo 1.7.1 latest release (2.2.1) Update required
-https://yoast.com/wordpress/plugins/seo/
contact-form-7 3.9.3 latest release (4.2.1) Update required
-http://contactform7.com/
The theme has been found by examining the path /wp-content/themes/ *theme name* /
-theme48338 3.1 http://info.template-help.com/help/
Issues with cherryframework:
https://www.mywot.com/en/scorecard/cherryframework.com?utm_source=addon&utm_content=popup
52 instances found of detected reference to malicious blacklisted domain form.jotform.us
Known for PHISHing abuse:
http://www.jotform.com/answers/505516-Need-to-report-a-phishing-form-http-form-jotform-us-form-50275355395157
Secret Service and GoDaddy assault on JotForm:
http://arstechnica.com/tech-policy/2012/02/secret-service-asks-for-shutdown-of-legit-website-over-user-content-godaddy-complies/
Results from scanning URL: htxp://www.statcounter.com/counter/counter.js malicious
Number of sources found: 27
Number of sinks found: 14
Exploitable sizzle.js in Results from scanning URL:
https://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
Number of sources found: 42
Number of sinks found: 12
Read: http://blog.9bplus.com/if-i-were-an-attacker-third-party-js-librarie/
polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus (Avast Überevangelist), Reply #1 on: June 28, 2015, 06:53:34 PM
Why did this link have to be broken on that website, like this?
hxxp://dashboard.socialtools.fm/socialfm.js?code=c58beff44260b8dc83730e026b9daae0e6493553
See: https://dashboard.socialtools.fm/users/sign_in
pol
mchain (Avast Evangelist), Reply #2 on: June 29, 2015, 09:06:00 AM
TBH, site appears to load normally atm.
You may be seeing broken code because, to be quite honest, few here run at your level of expertise. Glad you are here.
Windows 10 Home 64-bit 22H2 Avast Premier Security version 24.1.6099 (build 24.1.88821.762) UI version 1.0.797
UI version 1.0.788. Windows 11 Home 23H2 - Windows 11 Pro 23H2 Avast Premier Security version 24.2.6105 (build 24.1.8918.827) UI version 1.0.801