Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Blacklisted defaced website with Avast detecting VBS:Agent-KZ [Trj]
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Blacklisted defaced website with Avast detecting VBS:Agent-KZ [Trj] (Read 1760 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33908
malware fighter
Blacklisted defaced website with Avast detecting VBS:Agent-KZ [Trj]
«
on:
January 11, 2016, 06:03:34 PM »
See:
http://zulu.zscaler.com/submission/show/27aabeab7843fdf32349332c104de525-1452531041
100/100
malicious
Not flagged:
https://urlquery.net/report.php?id=1452530059796
Blacklisted by Yandex and Google Safebrowsing: Current status:
Dangerous -bajaboats.ru is not safe to visit right now.
Site Safety Details: Some pages on this website send visitors to dangerous websites.
Suspicion of Defacement
51 <html> <script> alert(" hacked by mujahidin cyber army ") </script> </script> <head> <title>hacked by mujahidin cy...
Wshell script dropper hack.
pol
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
jefferson sant
Starting Graphoman
Posts: 6674
volunteer
Re: Blacklisted defaced website with Avast detecting VBS:Agent-KZ [Trj]
«
Reply #1 on:
January 12, 2016, 02:29:27 AM »
Avast blocked both the defaced as VBS as a single detection
HTML:Dropper-R [Trj]
YBZ600HJ.htm
Detection:
45
/55
https://www.virustotal.com/en/file/2d21bb784702fb1204d84a120f80d2184b6f687a89fae3d43774e03c83ab4034/analysis/1452562065/
«
Last Edit: January 12, 2016, 02:31:04 AM by jefferson sant
»
Logged
polonus
Avast Überevangelist
Probably Bot
Posts: 33908
malware fighter
Re: Blacklisted defaced website with Avast detecting VBS:Agent-KZ [Trj]
«
Reply #2 on:
February 13, 2016, 10:38:57 PM »
Update
Website is still very much hacked and defaced and this is detected, blacklisted and blocked:
http://toolbar.netcraft.com/site_report?url=http://bajaboats.ru
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 33908
malware fighter
Re: Blacklisted defaced website with Avast detecting VBS:Agent-KZ [Trj]
«
Reply #3 on:
October 22, 2016, 06:03:53 PM »
Update: Nothing changed, still with malware:
http://killmalware.com/bajaboats.ru/#
Re:
https://www.virustotal.com/nl/url/7e4af60a123aed4e91b5b6aa26f565d15ac1624712f1853d67eea55ed174c537/analysis/
See: -http://fetch.scritch.org/%2Bfetch/?url=http%3A%2F%2Fbajaboats.ru%2F&useragent=Fetch+useragent&accept_encoding=
Do not go there as the mal VBScript is there.
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Blacklisted defaced website with Avast detecting VBS:Agent-KZ [Trj]