Author Topic: Ebay Login - False Positive???  (Read 5744 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Ebay Login - False Positive???
« Reply #30 on: November 19, 2018, 12:18:52 AM »
Hi DavidR,

Agree with you that not having Avast Secure Browser brought to Google-Android for instance is unfortunate, as Brave browser has been brought there, and I use it a lot on mobile's. Even so as Avast Secure Browser is a chromium based browser of sorts.  :D

uMatrix is not particularly complex either, just allow minimal settings to let the page function properly and know what sites to shun.

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline HonzaZ

  • Avast team
  • Advanced Poster
  • *
  • Posts: 1131
Re: Ebay Login - False Positive???
« Reply #31 on: November 19, 2018, 09:27:22 AM »
This is certainly not a false positive, the detection was triggering a redirection script.
However, as this is on ebay, I will let it pass and disable the detection, but if anyone from ebay is reading this, beware that I am strongly against this behavior!

Offline solaire

  • Newbie
  • *
  • Posts: 3
Re: Ebay Login - False Positive???
« Reply #32 on: November 20, 2018, 03:27:00 AM »
Hmm...As upset as I was about this, If this is the case
We users would want Avast to stand the ground
We also would "strongly object to this behavior"
I hope they lost a lot of money with this. > :-(

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Ebay Login - False Positive???
« Reply #33 on: November 22, 2018, 01:11:03 AM »
To support this above vision, I recently scanned at Zulu Zscaler's, which results agree delivering a VirusTotal Content Check,
that produces a Positives count of 3 with a risk score of 30; all this for the code at
-hXtps://www.ebay.com/rdr/js/s/rrbundle.flat.min.js.

However the above risk grade does not lead to a VT flag by any of the known av-solutions.
A risk score of 30 denotes that application/javascript; charset=UTF-8 here is questionable to say the least,

polonus
« Last Edit: November 22, 2018, 01:12:47 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!