Jump to content

JS/Agent.OZD trojan


Recommended Posts

hello,

 

I browsing this web https://restabessmg.jateng.polri.go.id/libas/

Eset found threat JS/Agent.OZD trojan

Try to scan url with virustotal but Eset says it clean
https://www.virustotal.com/gui/url/5e0297a004ded5fdfd67a690776433a92df2f01c1ee647d8b3f6273972656088?nocache=1

Is this website compromised or it is false alarm?

 

Thank you

Link to comment
Share on other sites

  • Administrators

The detection is correct. The website was compromised and contains malware.

One of the infected files is wp-emoji-release.min.js for instance.

Link to comment
Share on other sites

On 11/16/2021 at 7:25 AM, Marcos said:

The detection is correct. The website was compromised and contains malware.

One of the infected files is wp-emoji-release.min.js for instance.

Hi Marcos,

I am interested how you found out which file is infected?

Are there any tools/tutorials you can recommend?

Kind regards,

Katzi ~Meow~

Link to comment
Share on other sites

  • Administrators
3 minutes ago, Katzi said:

I am interested how you found out which file is infected?

Just open the website in a browser and browse through it until the detection is triggered. Then check the Detections log for information about the file that the threat was detected in.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...