JM_22 0 Posted January 18, 2023 Share Posted January 18, 2023 Good afternoon, Please your help, since ESET is detecting the ABCDIN.CL site as malicious and when performing the validation in virustotal it appears clean. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,235 Posted January 18, 2023 Administrators Share Posted January 18, 2023 The detection is correct, the website was compromised. Unfortunately I'm not allowed to open the website to tell you how to look up the malicious code, getting 405 as a response. Link to comment Share on other sites More sharing options...
JM_22 0 Posted January 18, 2023 Author Share Posted January 18, 2023 Hi marcos, Thanks for your answer. Please can you tell me since when the abcdin site is blocked by ESET?. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,235 Posted January 18, 2023 Administrators Share Posted January 18, 2023 The website is not blacklisted by ESET. It's a malicious JavaScript on the website which is detected and blocked. The first detection JS/Spy.Banker.KJ was added in January 2022, however, it doesn't tell anything about when your website was compromised. JM_22 1 Link to comment Share on other sites More sharing options...
Solution Nevermind 8 Posted January 19, 2023 Solution Share Posted January 19, 2023 Look for 'Ly9yZWd0ZWNoLnNicw' in the source code of main page. You will find malicious part. JM_22 and notimportant 2 Link to comment Share on other sites More sharing options...
JM_22 0 Posted January 19, 2023 Author Share Posted January 19, 2023 Thank you very much Marco and Nevermind for all your help. The code of the site has already been removed. Link to comment Share on other sites More sharing options...
JM_22 0 Posted January 19, 2023 Author Share Posted January 19, 2023 Thanks Nevermind!!! Link to comment Share on other sites More sharing options...
Recommended Posts