Today malware reported by more than a few different scanners.
I had this, too. The server our website runs on was hacked, and some code was integrated into the pages. I know it was a real threat because at that time I had hand-written the pages and could read what’s going on. It’s easy to catch data that is going to be sent back to the server and forward it to someone. Fortunately, this kind of code is JavaScript running on the client so Anti-Malware can find it.
The Reddit thread has more, and more up-to-date, information on what’s going on with the website.
https://www.reddit.com/r/flashlight/comments/etpkkk/avast_warns_that_intloutdoorcom_is_infected_with/
PS: A good illustration of a drive-by Trojan attack - Andrew Patrick
If you keep your browser updated, you probably will never have problems with this sort of thing.
It only happens using a browser vulnerability.
This article provides a good illustration of a drive-by Trojan attack. Somehow, a bunch of web sites in Italy have become infected with the attack. Visitors to those sites are getting infected automatically if they have a browser that is not up-to-date. Once infected, the visitors are redirected to other sites where they are further infected. By the end of it, an unknowing visitor is infected with a proxy server that allows a remote bad guy to access the Internet using the victim’s computer (great for sending spam), and a key logger that can be used to record usernames and passwords. Nasty stuff.
TrendLabs | Malware Blog – by Trend Micro
Since early Saturday morning (June 16, 2007), Trend Micro has been receiving several reports of a new batch of hacked Italian Web sites that trigger a series of malware downloads once a user visits them.
So if you are told it can never happen, that’s true, IF you keep your browser updated and if you don’t happen to be targeted by a new attack before the protection tools are updated to block it (a “zero day” attack)
As they say, “do ya feel lucky? Do ya?”
Most of us are lucky most of the time.
I noticed about a week ago [still showing] on intl outdoor a Norton warning stating - Unsafe - Threats 17.
It cannot be a trojan. It’s just antivirus software being crappy.
The way websites work makes it impossible to execute code on your PC. They can only make use of javascript, which doesn’t allow any access to files on your PC without your consent.
That’s not true. A vulnerability does not need your permission and will not be so kind to ask for consent.
While the wild west days of IE and third party vectors (Adobe/Flash) are history, the complexity of modern web browsers brings many opportunities for the wicked.
It cannot be a trojan. It’s just antivirus software being crappy.
It’s impossible to get viruses or trojans from websites unless you specifically download some executable file and run it on your computer.
The way websites work makes it impossible to execute code on your PC. They can only make use of javascript, which doesn’t allow any access to files on your PC without your consent.
I have no antivirus software on, never had for years, and didn’t get any malware from the web yet.
That is untrue and dangerous to spread. There is malware that can infect you without ever clicking a “bad link”, etc.
Example?
I haven’t heard of any.
Sure there may have been exploits for small things, like leaking some info about you etc, but none that allowed execution of code on the client. Spectre/Meltdown is mostly bs. In theory you can exploit it to steal things from memory, but in practice chances you get something useful out of it are 0.
I did a lot of kiddy-hacking when I was in high-school. Those were some interesting times because you could get trojans from everywhere. There was mIRC and people were accepting exes easily. And there was a trojan called Sub7 that was spread very fast and you could find many infected PCs just by scanning IPs and ports and then connecting to them and taking full control over their computer. Very fun times.
But now it’s different. There are many more people on the internet today, but all that stuff is almost impossible to do. It’s very hard to get full access to other computers mainly because software is now sandboxed, and very hard to access data over network because of https.
Let’s see, who should I trust about zero day risk — Malwarebytes and Bill Gates, or some guy on the Internet?
Microsoft has released updates to help mitigate these vulnerabilities. To get all available protections, firmware (microcode) and software updates are required. This may include microcode from device OEMs and in some cases updates to AV software as well. In some cases, installing these updates will have a performance impact. We have also taken action to secure our cloud services.
Microsoft has no information to indicate that these vulnerabilities have been used to attack customers at this time. Microsoft continues working closely with industry partners including chip makers, hardware OEMs, and app vendors to protect customers.
What, me worry?
There is no virus on our site, we have already reported this issue to Norton, I believe they will remove our site from the black list in several days time.
I think they got triggered by the credit card fast checkout JavaScript. That or there is really another script hidden somewhere that steals the credit card info.
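As an added example that is not part of the thread or any poster's code: one way a site owner can tell a legitimate checkout script from one they never put there is to list every `<script>` element on the deployed page and compare it with what they approved. The sample page, host names, function names and allowlists below are constructed for illustration.

```python
import base64, hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

class ScriptCollector(HTMLParser):  # collects [attributes, inline body] per <script>
    def __init__(self):
        super().__init__()
        self.scripts, self._open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.scripts.append([dict(attrs), ""])
            self._open = True
    def handle_data(self, data):
        if self._open:
            self.scripts[-1][1] += data
    def handle_endtag(self, tag):
        if tag == "script":
            self._open = False

def inline_hash(body):
    """CSP-style sha256 hash of an inline script body."""
    digest = hashlib.sha256(body.encode("utf-8")).digest()
    return "sha256-" + base64.b64encode(digest).decode("ascii")

def audit_page(html, allowed_hosts, approved_inline):
    """Return (kind, detail) findings for scripts the owner did not approve."""
    findings, parser = [], ScriptCollector()
    parser.feed(html)
    for attrs, body in parser.scripts:
        src = attrs.get("src")
        host = urlparse(src).hostname if src else None  # None for same-site paths
        if host and host not in allowed_hosts:
            findings.append(("unexpected-host", src))
        elif host and not attrs.get("integrity"):
            findings.append(("no-sri", src))  # approved third party, but not pinned
        elif not src and body.strip() and inline_hash(body) not in approved_inline:
            findings.append(("unapproved-inline", body.strip()[:40]))
    return findings

# Constructed sample page; every host and script name here is made up.
SAMPLE = """<html><head>
<script src="/js/checkout.js"></script>
<script src="https://cdn.payments.example/sdk.js" integrity="sha384-CONSTRUCTED"></script>
<script src="https://cdn.payments.example/ui.js"></script>
<script src="//stats-collect.example/a.js"></script>
<script>initCart();</script>
<script>trackVisit();</script>
</head></html>"""
APPROVED = {inline_hash("initCart();")}
```

Calling `audit_page(SAMPLE, {"cdn.payments.example"}, APPROVED)` reports the unpinned third-party script, the script from a host that is not on the allowlist, and the inline script whose hash was never approved.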
It cannot be a trojan. It’s just antivirus software being crappy.
It’s impossible to get viruses or trojans from websites unless you specifically download some executable file and run it on your computer.
The way websites work makes it impossible to execute code on your PC. They can only make use of javascript, which doesn’t allow any access to files on your PC without your consent.
I have no antivirus software on, never had for years, and didn’t get any malware from the web yet.
Very dangerously incorrect. Unfortunately browsers are not safe sandboxes, as would be desirable.
Arbitrary/remote code execution vulnerabilities do exist. Just one very recent example with known “targeted attacks in the wild abusing this flaw”: Security Vulnerabilities fixed in Firefox 72.0.1 and Firefox ESR 68.4.1 — Mozilla
Browsers can and do have vulnerabilities, which luckily usually get patched quickly. Plug-ins extend the attack surface and those don’t get as frequently updated, so it’s best to stick to well-known and well-maintained ones. And that’s not even getting into JavaScript which is a security headache.
Example?
I haven’t heard of any.
Then read again hank’s post. You’ve been provided some real world infection examples yet you refuse to acknowledge that.
It’s all well and good to come on here and declare ‘it’s all safe, nobody needs to worry’ or ‘it’s a false positive, it’s safe, report it to your antivirus’. But with respect, whilst everyone’s antivirus is flagging this as a trojan card stealer, not just mine, I’ll go with the advice of the security companies for now, rather than the word of someone I don’t know at all, and since I am not qualified or know for sure it’s not a trojan it’s probably not a good idea to suggest people report it as a ‘false positive’ as they don’t know, and nor do you.
The truth is YOU don’t know for sure at all, you are just best guessing.
Until such time as it is declared safe, I’d be wary about suggesting people ignore all the warnings and go ahead using the site as normal/buying. Of course if people want to, fine.
For now, it is only Norton reports “virus alert” for our site, all the other major “virus scan sites” including Kaspersky, ESET verify our site as SAFE, you can check it.
Norton uses outdated information which they will refresh their “black list” soon.
My Avast is still blocking it.
I can access it just fine with a VM running Avast and another running Norton.
I don’t see any problems with his site either. Win10 + defender
Also Google doesn’t report anything: Google Transparency Report
Norton has it blacklisted for no apparent reason though.
Well Avast is selling user data so it’s not like you can completely trust antiviruses, a lot of the time they give false positives on stuff that’s actually just a normal part of how the software/site works.