Author Topic: False positives?  (Read 782 times)

0 Members and 1 Guest are viewing this topic.

Offline Sarah62

  • Newbie
  • *
  • Posts: 3
False positives?
« on: December 04, 2023, 12:26:43 PM »
Hi,
I keep getting reports that my e-commerce site Amethyst Coffee, running at https://amethyst-coffee.online, is being flagged up as a malicious site by Avast.  Any ideas?

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33866
  • malware fighter
Re: False positives?
« Reply #1 on: December 04, 2023, 12:49:54 PM »
Word Press website scan showed no issues.

Here suspicious content flagged: https://quttera.com/detailed_report/amethyst-coffee.online

Not detected here: https://www.virustotal.com/gui/url/48168438fccd5813574d6e780eabfca6f935123a1f98d301f4b1f488db373c91/detection

Quote
404 That’s an error.

That URL doesn’t exist. [/url] consider -> https://www.shodan.io/search?query=paypalobjects.com
Injected: env: missing script "f14895c8-24ac-4fbe-82b2-760ec8b25d4c"!

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Sarah62

  • Newbie
  • *
  • Posts: 3
Re: False positives?
« Reply #2 on: December 04, 2023, 01:21:21 PM »
Now that is a weird one... how do I clear that...

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33866
  • malware fighter
Re: False positives?
« Reply #3 on: December 04, 2023, 01:36:25 PM »
It is an unconditional redirection to wXw.paypalobjects.com

So you have to take that up with them, paypalobjects or the developer of the site.

Suspicious as with S.HttpRedir.gen. That does not say, malicious as such and could be an FP.

Wait for a final verdict from avast's and whether this is not a security buster,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Sarah62

  • Newbie
  • *
  • Posts: 3
Re: False positives?
« Reply #4 on: December 04, 2023, 01:46:15 PM »
I made the site but use the paypal plugin for woocommerce for payments.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33866
  • malware fighter
Re: False positives?
« Reply #5 on: December 04, 2023, 02:36:08 PM »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!