Author Topic: SQL Inject from Avast  (Read 1601 times)

0 Members and 1 Guest are viewing this topic.

Offline WOT

  • Newbie
  • *
  • Posts: 2
SQL Inject from Avast
« on: April 16, 2020, 11:21:45 AM »
Hello. hxtps://wotcheats.ru/ We strongly monitor the site’s security; there are no viruses on our site.
Check, please. There was an SQL injection from your server.
IP 5.62.41.171, Injection topic=24.187).(..,("')



« Last Edit: April 16, 2020, 01:18:05 PM by Milos »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33935
  • malware fighter
Re: SQL Inject from Avast
« Reply #1 on: April 16, 2020, 05:31:32 PM »
Also flagged by two engines at VT:
https://www.virustotal.com/gui/ip-address/5.62.41.171/detection

What in this respect is -occonnor69.synology.me ?
Synology dot me is a data storage and back-up NAS service domain.
Connection to it in the case of the -occonor69 etc. address is not secure.

Before rushing into conclusions, let us wait for a final verdict from an Avast Team Member.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline WOT

  • Newbie
  • *
  • Posts: 2
Re: SQL Inject from Avast
« Reply #2 on: April 17, 2020, 04:15:31 AM »
New 2 IP addresses with injection changed the name from ff.avast.com to consumer-pool.prcdn.net

ASN   198605 - AVAST-AS-DC
ISP   AVAST cloud



 :-\

Can I block these IP addresses so as not to get into the avast antivirus blacklist?

« Last Edit: April 17, 2020, 04:28:25 AM by WOT »

Offline r@vast

  • Avast team
  • Massive Poster
  • *
  • Posts: 2760
Re: SQL Inject from Avast
« Reply #3 on: April 23, 2020, 11:45:37 AM »
Hi,

It seems that someone was using HMA VPN to access your site.