Author Topic: SQL Inject from Avast (Read 1560 times)

WOT · « **on:** April 16, 2020, 11:21:45 AM »

Hello. hxtps://wotcheats.ru/ We strongly monitor the site’s security; there are no viruses on our site.
Check, please. There was an SQL injection from your server.
IP 5.62.41.171, Injection topic=24.187).(..,("')

polonus · « **Reply #1 on:** April 16, 2020, 05:31:32 PM »

Also flagged by two engines at VT:
https://www.virustotal.com/gui/ip-address/5.62.41.171/detection

What in this respect is -occonnor69.synology.me ?
Synology dot me is a data storage and back-up NAS service domain.
Connection to it in the case of the -occonor69 etc. address is not secure.

Before rushing into conclusions, let us wait for a final verdict from an Avast Team Member.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

WOT · « **Reply #2 on:** April 17, 2020, 04:15:31 AM »

New 2 IP addresses with injection changed the name from ff.avast.com to consumer-pool.prcdn.net

ASN 198605 - AVAST-AS-DC
ISP AVAST cloud

$:-\$

Can I block these IP addresses so as not to get into the avast antivirus blacklist?

r@vast · « **Reply #3 on:** April 23, 2020, 11:45:37 AM »

Hi,

It seems that someone was using HMA VPN to access your site.

Author Topic: SQL Inject from Avast (Read 1560 times)

WOT

SQL Inject from Avast

polonus

Re: SQL Inject from Avast

WOT

Re: SQL Inject from Avast

r@vast

Re: SQL Inject from Avast