Author Topic: FP on GDA?  (Read 5450 times)

0 Members and 1 Guest are viewing this topic.

500dan500

  • Guest
FP on GDA?
« on: April 12, 2009, 09:40:42 PM »
I was on Green Day Authority and avast! popped up on the following link;

hXXp://www.greendayauthority.com/download/mvideo.htm

Is it a FP?

12/04/2009   20:37:47   1239565067   SYSTEM   1512   Sign of "HTML:IFrame-BV [trj]" has been found in "hXXp://www.greendayauthority.com/download/mvideo.htm" file.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: FP on GDA?
« Reply #1 on: April 12, 2009, 09:45:20 PM »
Generally, avast detection is accurate in these cases.
Isn't it an encrypted/obfuscated script or iframe?
Wasn't the site hacked?
The best things in life are free.

500dan500

  • Guest
Re: FP on GDA?
« Reply #2 on: April 12, 2009, 10:02:28 PM »
Don't think so, main page is fine; http://www.greendayauthority.com/

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89349
  • No support PMs thanks
Re: FP on GDA?
« Reply #3 on: April 12, 2009, 10:28:34 PM »
Just because the main page is fine doesn't mean they all are and in this case that page has been hacked.

There is an iframe tag after the closing html tag a standards no, no and the url that it connects to is obfuscated, highly suspicious.

See image, I have broken the code down to make it easier to see as it is all on a single line.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.5.6116 (build 24.5.9153.762) UI 1.0.808/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

500dan500

  • Guest
Re: FP on GDA?
« Reply #4 on: April 12, 2009, 10:38:45 PM »
Ah ok, I thought Tech meant they had been hacked recently so would have thought there would have been a note on the front page. Thank you. :)

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89349
  • No support PMs thanks
Re: FP on GDA?
« Reply #5 on: April 13, 2009, 12:50:11 AM »
You're welcome, if you know them or regularly visit, you might want to drop them an email.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.5.6116 (build 24.5.9153.762) UI 1.0.808/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

500dan500

  • Guest
Re: FP on GDA?
« Reply #6 on: April 13, 2009, 12:54:21 AM »
Yeah just did to the owner founder. :)

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89349
  • No support PMs thanks
Re: FP on GDA?
« Reply #7 on: April 13, 2009, 01:01:12 AM »
Hopefully it won;t take them long to resolve it, but they should check any content management software (like php) if they use any is up to date as old versions may be vulnerable to attack. They might also want to change their passwords for modification/uploads, etc.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.5.6116 (build 24.5.9153.762) UI 1.0.808/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

500dan500

  • Guest
Re: FP on GDA?
« Reply #8 on: April 15, 2009, 02:13:36 AM »
Just wanted to post something else in here.. The iFrame is still there, but I reinstalled Windows 7 lastnight on another partition and decided to try "ESET Smart Security - Home Edition" as I see so many people have it in their email sigs, tried the eicar test file, it picked it up, went to the page I reported in this thread, ESET did not pick it up.  :-\

Thank god for avast!  ;D ;D

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89349
  • No support PMs thanks
Re: FP on GDA?
« Reply #9 on: April 15, 2009, 02:59:43 AM »
Well it may not have even been looking for this type of infection, but avast's web shield is all over it with a rash and I still haven't found one incorrect detection in those that I have checked out in the forums.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.5.6116 (build 24.5.9153.762) UI 1.0.808/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security