PliotsCarl 0 Posted May 9 Share Posted May 9 Hello, we have been notified by two Eset users that https://pilotshq.com is being blocked for an alleged spy.banker.lq Trojan. multiple scans including those from google and Shopify show clean results. I have additionally ran a scan that was used in the forums for other users. https://sitecheck.sucuri.net/results/Pilotshq.com Link to comment Share on other sites More sharing options...
PliotsCarl 0 Posted May 9 Author Share Posted May 9 Additionally, I have downloaded all these files and have zero references to "blob(" or "atob(" in the source code. If this exists then it is within a third party app that we need to identify. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,307 Posted May 10 Administrators Share Posted May 10 Have you found and removed the malware in the mean time? I'm not getting any detection from ESET now. PliotsCarl 1 Link to comment Share on other sites More sharing options...
PliotsCarl 0 Posted May 10 Author Share Posted May 10 No, please remove the site from any blacklist. If you would like I can post the results that came from the Shopify help desk. I have already posted results from the tool you use for scanning. We recently installed an addon that allows for “make an offer” which is a paid app that charges for successful transactions. I was thinking maybe it was thier tracking code causing the issue, but if we are clean then 👍 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,307 Posted May 10 Administrators Share Posted May 10 The website is not blacklisted. If the detection still occurs, the website is still infected. From the telemetry it's obvious that the malware was there: Now the Google Tag Manager JS is clean: Link to comment Share on other sites More sharing options...
Recommended Posts