Jump to content

Recommended Posts

Posted

Have tried this link several times and gotten warned off.  Might this be a false positive?

image.thumb.png.3bc05258b061041552e416da778dcde5.png

Thanks

  • Administrators
Posted

Are you using a Mikrotik router? If so, it might have been compromised and a CoinMiner javascript is being added through a special html file that has the original page included via a frame. This is currently detected as a PUA (JS/CoinMiner.AH) so make sure that you have PUA detection enabled and modules updated.

Posted

I am using a TP-link AC1200 switch; as far as i am aware nothing has been compromised, but this is not my specialty.  Thanks for the reply. 

  • Administrators
Posted

If the detection is still triggered on the website, please provide ELC logs but also select "quarantined files" prior to collecting the stuff.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...