Jump to content

Archived

This topic is now archived and is closed to further replies.

beethoven

trojan JS/Kryptik.anQ

Recommended Posts

NOD just popped an alert when accessing this commercial website

 www.paulswarehouse.com.au/storefront/storeincludes/js/floatcart.js and several other pages 

terminated connection and quarantined.

 

When checking this site via virustotal is comes clean including Eset.  I submitted this but just wonder why there is a difference in detection?

Share this post


Link to post
Share on other sites

That sounds like an HTTP Scanner detection, it scans the website content and if a threat is found in a script or Ad etc.. the connection is terminated and the threat is quarantined, or blocked.

 

VirusTotal does not use HTTP Scanners afaik, they only use URL blacklists provided by the vendors I think. 

But if the whole website would have been blocked by ESET and you would have seen the "access denied" message, then VirusTotal would also show that ESET detected it like "Malware site" or similar wording.

Share this post


Link to post
Share on other sites

thanks SweX - yes, that explanation makes sense and matches what I noticed. Access was possible but then a number of alerts popped up, preventing certain connections but not the homepage

Share this post


Link to post
Share on other sites

You're welcome beethoven :)

Share this post


Link to post
Share on other sites

I confirm that the detection is correct, it's not a false positive. If the above mentioned detection is triggered, the website was compromised and a malicious java script is injected into the web page.

Share this post


Link to post
Share on other sites
Guest doctorbee

i manage several websites and have a couple of them compromised. one was purely html and had malicious code inserted. the two sites running php had the following common PHP code in a randomly named file.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...