Jump to content

Unsafe Banking Website ?


Recommended Posts

Guest Mridul Jr

Hi , I have a banking website in my country named standard bank . Before entering the web , i checked it with VT but the result was clean . Then , when i entered the web , ESET detected a threat . Kindly let me know about the website and about the threat also . And is my computer safe now after the action taken by ESET ?

Website ; hxxps://standardbankbd.com

Threat detected by ESET : PHP/Webshell.NES trojan

Action taken by ESET :  connection terminated

Thank you .

Link to comment

Hard to say on this one if Eset is detecting a false positive or not.

The below screen shot scan by Sucuri web site scanner notes outdated PHP software is being used. This could indicate that it is exploitable. However, Sucuri did not detect any malware on the web site:

Eset_Sucuri.thumb.png.a3b3e054ad66319848ad90bea156470d.png

An additional web site scan using Quttera's web site scanner found no malware on the web site.

It is possible that malware injection is occurring upon direct access to the web site but the malware is smart enough not to trigger when it detects the site is externally being scanned.

Edited by itman
Link to comment
Guest Mridul Jr

object address: hxxps://www.standardbankbd.com/Content/Images/Events/2.php.jpg

Kindly investigate on the object address detected by ESET .

By the way , When I was writing this reply , i needed to copy paste the detected object address . But wow ! When I just pasted the link , ESET detected a threat in my browser although I haven't even opened the link , just copy pasted .

Kindly investigate the full matter . And please let me know if ESET cleans the threat fully .

Thanks again

Link to comment
Guest Mridul Jr
5 minutes ago, Guest Mridul Jr said:

object address: hxxps://www.standardbankbd.com/Content/Images/Events/2.php.jpg

Recently I have scanned the object address with VT and 2 engines detected it as malicious ( sophos , Comodo Valkyrie Verdict) but ESET didn't detect anything .

Link to comment
17 hours ago, Guest Mridul Jr said:

Recently I have scanned the object address with VT and 2 engines detected it as malicious ( sophos , Comodo Valkyrie Verdict) but ESET didn't detect anything .

At best, VT results should be used as a rough approximation of status of what is being submitted. The reason why is given in this article: https://www.virusbulletin.com/uploads/pdf/magazine/2017/VB2017-Abrams.pdf

To summarize, the products used at VT do not contain all features available for any given product.

Link to comment
Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...