Author Topic: Malware detected on Word Press content website...  (Read 247 times)

0 Members and 1 Guest are viewing this topic.

Online polonus

  • Avast √úberevangelist
  • Maybe Bot
  • *****
  • Posts: 31282
  • malware fighter
Malware detected on Word Press content website...
« on: February 04, 2019, 04:50:16 PM »
Re: https://urlhaus.abuse.ch/url/116879/
and
Quote
Reputation Check
PASSED
Google Safe Browse: OK
Spamhaus Check: OK
Compromised Hosts: OK
Dshield Blocklist: OK
Shadowserver C&C: OK
Web Server:
None
X-Powered-By:
None
IP Address:
65.39.193.60
Hosting Provider:
Cogeco Peer 1 
Shared Hosting:
2616 sites found on 65.39.193.60
User Enumeration disabled, directory listing disabled - OK.

Detection see: https://www.virustotal.com/#/url/403f8ca39d6469256f08ffb6a64583e9574789274b6ad63cc38b37d0b496b011/detection
and https://www.virustotal.com/#/file/1096af47e1405b8a4e103ecb344e774b85df0a40bddf25e60603e2dddd2893b2/detection
and https://www.virustotal.com/#/file/1096af47e1405b8a4e103ecb344e774b85df0a40bddf25e60603e2dddd2893b2/detection

Potential problems: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=d3d3Lm1te2ZddW4jfHRbXW4uXX1n~enc

Re: Results from scanning URL: -http://mmefoundation.org/wp-includes/js/jquery/jquery-migrate.min.js
Number of sources found: 41 ; number of sinks found: 17

101 hints towards best policies: https://webhint.io/scanner/818b0c0d-d187-491b-b57f-490491d3857b
'jQuery@1.12.4' has 1 known vulnerability (1 medium). See 'https://snyk.io/vuln/npm:jquery' for more information
and https://retire.insecurity.today/#!/scan/7fef606d45cd40a5d78d315caca366b0f5ec8523e8fab6275a025483f1fa0f60

polonus (volunteer website security analyst and website error-hunter)
« Last Edit: February 06, 2019, 12:26:24 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!