Author Topic: Chat malware on this website...

polonus
« on: March 03, 2017, 05:56:00 PM »
See: http://urlquery.net/report.php?id=1488558236107  (pichak dot net malcode) -> https://cymon.io/79.127.127.51
reported by ptr, urlquery.net, cleanmx-malware
Here it is missed: https://www.virustotal.com/pl/url/84c21f00f8694ec84d48c01dc6e88e2f56286be69d98c018a022cb645d3655bf/analysis/1488559639/
And the threat is only being reported by Sucuri's and Fortinet's IDS: https://www.virustotal.com/pl/url/3118e192885225550b63be22e41d31eb33eedbca392b0f590e3bb98ac0d898f2/analysis/1488559707/
-> https://sitecheck.sucuri.net/results/pichak.net
Quote
Domain detected on spam or phishing campaigns. Details: http://sucuri.net/malware/entry/MW:HTA:7
This specific URL was identified in malicious campaigns to disseminate malware.
On redirect.php?n=1280 malcode read here: https://blog.sucuri.net/2016/05/wordpress-redirect-hack-test0-default7.html

No content now? -> -https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=pichak.net%2Fchat%2Fonlines.php&ref_sel=GSP2&ua_sel=ff&fs=1
(blocked it for the unaware - pol  ;) )

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!