Jump to content

Recommended Posts

  • ESET Insiders
Posted

Hi,

While 'Web Access Protection' is on, EIS is preventing file downloading from OxyCloud domain (https://oxy.cloud/en/ & https://download.oxy.st/)

Files are only downloading when turning off the 'Web Access Protection' manually. facing this same since last two / three version of EIS (16.x)

Initially thought this is a bug & will be fixed in future release but as still its continues & exist so reporting here

 

Pls fix this is future release as its very annoying to disable that everytime I try to download something from OxyCloud

  • Administrators
Posted

Please try again, it seems to work for me now.

  • ESET Insiders
Posted (edited)

Hi @Marcos

I just checked after reading your comment here, & now it is downloading without disabling that 'Web Access Protection'.

Not sure what've happened as last I checked, EIS didn't release any newer version in the last 12/24 hours where they made any changes to the new version.

or ESET made any changes via the regular A/V signature (Modules) update lately so that as result, now its working? Anyway, IDK it maybe someone can tell me more about this.

And apart from this

do we have any tentative release window locked for the upcoming v17? (Sep/Oct?)

Edited by SM03
  • Administrators
Posted

One of the urls used by the cloud service was blacklisted so we unblocked it.

  • ESET Insiders
Posted

Whichone was blocked earlier?  oxy.cloud/en or download.oxy.st? 

And any info about the v17 release that I asked earlier? 

  • ESET Insiders
Posted

Hi @Marcos

I was just downlaoding a file from Oxy & it's (again) now blocking

[Attached screen recorded video for the same]

  • ESET Insiders
Posted (edited)

@Marcos

What're the settings that you need to be checked [under artifatcs to collect]  in log collector?

Edited by SM03
  • Administrators
Posted

There's no such setting, I'd need to check logs.

  • ESET Insiders
Posted (edited)

See this, am asking about this. 

1.png

Also, what should I select for log ages & log collctiom mode? 

Edited by SM03
  • Administrators
Posted

It's enough to use default settings.

  • 5 weeks later...
Posted (edited)

Same problem. Eset blocked Oxy cloud downloads https://download.oxy.st/d/fCjh/2/97fca367fff80ad5951b19b1c2c512a3#
If Disable and re-enable protection I can download files from Oxy Cloud until next time when I remove browser's cookies.
For 5 days - 3 false positives. Reported and still waiting answer from Eset.
For example when I report something to Avast they answer almost instantly and fix it.

Edited by stepan
  • Administrators
Posted

Please provide logs collected with ESET Log Collector. Clicking the link above downloads the file alright without any alert being triggered by ESET.

Posted (edited)
3 hours ago, Marcos said:

Clicking the link above downloads the file alright without any alert being triggered by ESET.

Augur detection triggers in ESSP using Firefox;

Eset_Augur.thumb.png.14090e9fa8326e4520774c91589d6a7e.png

Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here
10/6/2023 3:14:54 PM;HTTP filter;file;https://smelel.icu/sm/redirect?landID=40&company=29374&uuid=e641a93e-8f14-40a7-9316-1d443f385b06&apiKey=b68c106c3df6f586f8cb1f48c5036112;ML/Augur.C trojan;connection terminated;xxxxxxx;Event occurred during an attempt to access the web by the application: C:\Program Files\Mozilla Firefox\firefox.exe (3AC154D0A0390E254E88F9BF89E7040B00ED02F3).;2C03C7B3B8AEAD5C16FB471F5760B54641AFE5E6;10/6/2023 3:14:51 PM

https://www.virustotal.com/gui/file/05f1adce2d162fc881ccc2f633342dade521e92fa0a0d84f14ced9f8f436fa8c

Edited by itman
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...