Jump to content

"teamgroupinc.com/en" Web Site Confusion By Eset Internet Security


Recommended Posts

Hi dear managers,

I am totally confuse about this site :

https://www.teamgroupinc.com/en/

Here is the result of virustotal about this site :

https://www.virustotal.com/gui/url/68a226e7a17a8f9a28eec59951b922dca4799419715000d7ad626d527313688a?nocache=1

And here is eset result on my local machine :

Capture.thumb.PNG.af5ee3e73ee690e2ade84928caa99639.PNG

Just tell me is this a fake page from my isp?

Something is wrong here!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Please help me on this as soon as possible

Link to comment
Share on other sites

  • Administrators

The website was compromised. An administrator should clean it and remove references to new2sportnews.com.

Link to comment
Share on other sites

If that web site was compromised why https://www.virustotal.com/ does n't show anything?

All virustotal engines are up to date.

Please clarify on this.

 

Link to comment
Share on other sites

  • Administrators
7 minutes ago, Helius_Dev said:

Please share infected url not an infected html file.

hxxps://www.teamgroupinc.com/index.php

However, you must scan the file itself, not do a url check since the url is not blacklisted but it's a malicious code on the web page which is detected.

Link to comment
Share on other sites

Something is fishy here!!!!!!!!!!!!!!!!!!!!!!!!!! :)(

I and you are not admin of their server to download or check index.php file

This is why virustotal does n't show anything, because that web site is totally clean.

You checked an html file not a php file.

Now you are telling infected file is php????????: )
 

Link to comment
Share on other sites

My cam recorder was active today.

It was an interesting video on social media network to show how things work.

Damage = Damage reputation

Link to comment
Share on other sites

  • Administrators

--2023-01-09 15:02:41--  https://www.teamgroupinc.com/en/index.php
Resolving www.teamgroupinc.com (www.teamgroupinc.com)... 13.114.136.73, 52.198.219.235
Connecting to www.teamgroupinc.com (www.teamgroupinc.com)|13.114.136.73|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: 'index.php'

Link to comment
Share on other sites

13 minutes ago, Helius_Dev said:

The last comment is the most relevant. The original posting dates to 2011.

Quote

"Officially" - no.
Through "hacking" - yes. If a website allows to download some content via /download.php?src=path_to_file script, AND it was poorly coded, then you could request to download, say, index.php file.

Check this out: https://owasp.org/www-community/attacks/Path_Traversal

Edited by itman
Link to comment
Share on other sites

Quote

A path traversal attack (also known as directory traversal) aims to access files and directories that are stored outside the web root folder.

index.php is in root folder.

By the way i checked source and finally SATISFIED.

 

Some month ago my pc was infected with P.O.R.N web sites and some people on the street told me you are ISRAIL and beby killer. :)

In my country they kill people because of that.

These people destroyed me totally.

We had a farm and they ate it like a charm for their malicious purposes.

I think for sniffing people with illegal purposes.

We have a poor family with empty hands now.

Now those people are tracking me all the time and are destroying all web sites that i met.

So forgive me for being rude.

 

Last thing :

Show me a link that show about this error in eset web site :

Quote

This web page may contain dangerous content that can provide remote access to an infected device, leak sensitive data from the device or harm the targeted device.

I want to be sure it wasn't MITM attack.

Thanks

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...