nixon_tuvshee 0 Posted September 25, 2023 Share Posted September 25, 2023 Our website detected Nhm.gov.mn website threat JS/Agent.RAW virus has been detected check pls Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted September 25, 2023 Administrators Share Posted September 25, 2023 The detection is correct. The website was compromised and still contains the detected malware. Link to comment Share on other sites More sharing options...
thae 12 Posted September 25, 2023 Share Posted September 25, 2023 1 hour ago, Marcos said: The detection is correct. The website was compromised and still contains the detected malware. How do you check that manually? Can we do that do to check ourselves to see if it's not a false positive? For example my latest detection on some sites were: JS/Packed.Agent.N HTML/ScrInject.B JS/Adware.Adport.A Link to comment Share on other sites More sharing options...
Black20232023 0 Posted September 25, 2023 Share Posted September 25, 2023 My page donjastubica.hr is still blocked. Marcos can you check Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted September 25, 2023 Administrators Share Posted September 25, 2023 4 minutes ago, Black20232023 said: My page donjastubica.hr is still blocked. Marcos can you check It is still infected: Besides removing the malicious JS, make sure to update WordPress and all plugins and themes you use as well. Link to comment Share on other sites More sharing options...
itman 1,760 Posted September 25, 2023 Share Posted September 25, 2023 10 hours ago, nixon_tuvshee said: Our website detected Nhm.gov.mn website threat JS/Agent.RAW virus has been detected check pls Since this is a government web site, there should be sufficient IT security resources to remediate this issue. Link to comment Share on other sites More sharing options...
FraPro 0 Posted September 26, 2023 Share Posted September 26, 2023 JS/Agent.RAW has been detected on www.fnopi.it too. Can you confirm it's not a false positive? Thank you. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted September 26, 2023 Administrators Share Posted September 26, 2023 2 hours ago, FraPro said: JS/Agent.RAW has been detected on www.fnopi.it too. Can you confirm it's not a false positive? I could not reproduce the detection. The website has been likely cleaned in the mean time. Link to comment Share on other sites More sharing options...
Grzegorz Pawlowski 0 Posted September 27, 2023 Share Posted September 27, 2023 Hi Can you check this site? https://rzeczo.pl/spoldzielnia-nie-gorsza-od-dewelopera/ Thx Grzegorz Pawlowski Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted September 27, 2023 Administrators Share Posted September 27, 2023 38 minutes ago, Grzegorz Pawlowski said: Can you check this site? https://rzeczo.pl/spoldzielnia-nie-gorsza-od-dewelopera/ The malware is still there: Link to comment Share on other sites More sharing options...
Grzegorz Pawlowski 0 Posted September 27, 2023 Share Posted September 27, 2023 21 minutes ago, Marcos said: The malware is still there: Thank you very much. Link to comment Share on other sites More sharing options...
lucamc 0 Posted September 27, 2023 Share Posted September 27, 2023 I have the same problem too. It seems that the malware is linked to the WordPress theme called "Newspaper". I also have that theme, and Grzegorz's site also has it. However, on the theme's support forum, the developer "TagDiv" says that the theme is clean. Link to comment Share on other sites More sharing options...
itman 1,760 Posted September 27, 2023 Share Posted September 27, 2023 (edited) 4 hours ago, lucamc said: I have the same problem too. It seems that the malware is linked to the WordPress theme called "Newspaper". I also have that theme, and Grzegorz's site also has it. However, on the theme's support forum, the developer "TagDiv" says that the theme is clean. Per Sucuri web site analysis, below is the Newspaper plug-in being used. Is this the latest plug-in version? Also Sucuri noted that the password entry field on this web site is not encrypted; i.e. HTTPS, meaning it can be intercepted by a hacker. Edited September 27, 2023 by itman Link to comment Share on other sites More sharing options...
ShaneZ 0 Posted October 5, 2023 Share Posted October 5, 2023 (edited) My website "theinfo.me" gets this message This web page may contain dangerous content that can provide remote access to an infected device, leak sensitive data from the device, or harm the targeted device. Threat: JS/Agent.RAW trojan But we ran a scan and the website and server is clean. Can you please help Please do not publish this as it contains my website name. Thank you Edited October 5, 2023 by ShaneZ Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted October 5, 2023 Administrators Share Posted October 5, 2023 3 hours ago, ShaneZ said: My website "theinfo.me" gets this message This web page may contain dangerous content that can provide remote access to an infected device, leak sensitive data from the device, or harm the targeted device. Threat: JS/Agent.RAW trojan But we ran a scan and the website and server is clean. The website is still infected: Link to comment Share on other sites More sharing options...
Talefair 0 Posted October 6, 2023 Share Posted October 6, 2023 Good afternoon, may you check this website?: https://estructurando.net We are getting JS/Agent.RAW warnings. It's not our page, I just want to be sure that this website is not being marked incorrectly. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted October 6, 2023 Administrators Share Posted October 6, 2023 2 hours ago, Talefair said: Good afternoon, may you check this website?: https://estructurando.net We are getting JS/Agent.RAW warnings. It's not our page, I just want to be sure that this website is not being marked incorrectly. The detection is correct. https://sitecheck.sucuri.net/results/estructurando.net Link to comment Share on other sites More sharing options...
Zackster 0 Posted October 17, 2023 Share Posted October 17, 2023 I'm also getting this on https://infinitymagazine.co.uk I have a digital sub and can't download the latest issue. Link to comment Share on other sites More sharing options...
Black20232023 0 Posted October 18, 2023 Share Posted October 18, 2023 Hello, I am completly update wp and theme with plugins, but is still on black list (domain is: www.bedekovcina.hr) Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted October 18, 2023 Administrators Share Posted October 18, 2023 2 minutes ago, Black20232023 said: Hello, I am completly update wp and theme with plugins, but is still on black list (domain is: www.bedekovcina.hr) The website appears to be clean. No further action is required on our end. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted October 18, 2023 Administrators Share Posted October 18, 2023 (edited) 15 hours ago, Zackster said: I'm also getting this on https://infinitymagazine.co.uk I have a digital sub and can't download the latest issue. The website is still infected: Edited October 18, 2023 by Marcos Quote amended Link to comment Share on other sites More sharing options...
itman 1,760 Posted October 18, 2023 Share Posted October 18, 2023 6 hours ago, Marcos said: The website is still infected: This comment applies to https://infinitymagazine.co.uk. Link to comment Share on other sites More sharing options...
Palmitek 0 Posted November 6, 2023 Share Posted November 6, 2023 Hi i have the same problem with url https://www.spotandweb.it Can you check the url? Is it a false positive? thanks Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted November 7, 2023 Administrators Share Posted November 7, 2023 On 11/6/2023 at 1:53 PM, Palmitek said: i have the same problem with url https://www.spotandweb.it Can you check the url? Is it a false positive? The detection is correct. The website is still infected: Link to comment Share on other sites More sharing options...
Jaca 0 Posted February 1 Share Posted February 1 Can you check Malyogrod.pl website threat JS/Agent.RAW virus has been detected please check Link to comment Share on other sites More sharing options...
Recommended Posts