JM_22 0 Posted January 18 Share Posted January 18 Good afternoon, Please your help, since ESET is detecting the ABCDIN.CL site as malicious and when performing the validation in virustotal it appears clean. Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,548 Posted January 18 Administrators Share Posted January 18 The detection is correct, the website was compromised. Unfortunately I'm not allowed to open the website to tell you how to look up the malicious code, getting 405 as a response. Quote Link to comment Share on other sites More sharing options...
JM_22 0 Posted January 18 Author Share Posted January 18 Hi marcos, Thanks for your answer. Please can you tell me since when the abcdin site is blocked by ESET?. Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,548 Posted January 18 Administrators Share Posted January 18 The website is not blacklisted by ESET. It's a malicious JavaScript on the website which is detected and blocked. The first detection JS/Spy.Banker.KJ was added in January 2022, however, it doesn't tell anything about when your website was compromised. JM_22 1 Quote Link to comment Share on other sites More sharing options...
Solution Nevermind 7 Posted January 19 Solution Share Posted January 19 Look for 'Ly9yZWd0ZWNoLnNicw' in the source code of main page. You will find malicious part. notimportant and JM_22 2 Quote Link to comment Share on other sites More sharing options...
JM_22 0 Posted January 19 Author Share Posted January 19 Thank you very much Marco and Nevermind for all your help. The code of the site has already been removed. Quote Link to comment Share on other sites More sharing options...
JM_22 0 Posted January 19 Author Share Posted January 19 Thanks Nevermind!!! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.