Author Topic: Pop-up adware link to avoid on this website (and others for that matter).  (Read 1100 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33379
  • malware fighter
What link is malware, well it is: -js.users.51.la/19058538.js
Where we saw it flagged: http://urlquery.net/report.php?id=1496927840089

Read here: https://security.stackexchange.com/questions/66729/what-does-this-javascript-file-do-is-this-a-virus

See: -http://www.domxssscanner.com/scan?url=http%3A%2F%2Fjs.users.51.la%2F19058538.js  interaction with form.js
Errors in the adware malcode
Quote
  error: undefined variable Image
     error: ./pre.js:249: TypeError: Image is not a constructor 
&
Quote
line:6: TypeError: Image is not a constructor
Because object is overriding the default constructor! info credits StackOverflow's Arun P. Johny.

Here the whole issue is not being flagged and could it be avast only detects in PUP-mode? Re:
https://www.virustotal.com/pl/url/745908ecd44047ca027312660baa17374d85c50ba512b3a929d545008919f1fe/analysis/1496957889/

Quttera detects further two suspicious files in -/templets/default/style/jquer.js with
Quote
Detected potentially suspicious initialization of function pointer to JavaScript method write <code> __tmpvar257594717 = write; <code/>
No javascript errors there apparently.

Here an all green? -> http://zulu.zscaler.com/submission/show/d420e4a29aeb5ea4ff50e0546967ff2d-1496958394

Two warnings here: https://asafaweb.com/Scan?Url=biggsuperstore.com  We performed this scan as China is known as a Microsoft-IIS webserver mono-culture in this case two warnings - server info proliferation as the address you entered is unnecessarily exposing the following response headers which divulge its choice of web platform:

Server: Microsoft-IIS/6.0
Configuring the application to not return unnecessary headers keeps this information silent and makes it significantly more difficult to identify the underlying frameworks.


polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!