Malware Analysis CashU.com site compromised ?

Brave is not properly signed in Eset; you need to check the SSL settings in Eset.
That's mostly the problem with rather new browsers.

Check advanced settings - Web and email :

It is already included in the list, but after switching from automatic to control it seems to block the script (only two warnings, but after a scan no other malicious files were found). Thanks for the tips :)

 
Any update? Avast still blocks the site. I wrote to the support at the beginning of this thread; no response until now.

CashU support has not responded to me yet. I tweeted @CashU about the issue but my tweet has disappeared somehow :unsure:

Edit: What concerns me the most is that this site is online banking and one should not see such warnings on such sites. Carelessness -_-
 
Sorry I don't have it installed atm. It may or may not detect it as it doesn't do HTTPS scanning.

Either way I wouldn't trust that site as it is currently.

Thank you @Raiden. Have you uninstalled SHP for the sake of change, or have you encountered any specific issues that steered you away from it? Anyway, yes, this site should be avoided in its current state until something is done by the developers.
 
Mostly to try out different programs. I do like SHP a lot, it's improved, but still needs a bit of work. For me the biggest annoyance is that it does impact the boot-up/login time into Windows. There's a definite lag there, especially when I compare it to WD and Eset in that regard. I still keep a close eye on it and I will for sure participate in the beta once it's released.
 
Yes, the new version shows great improvement, especially when it comes to performance. I like SHP too but will wait for the next version which, I hope, will address all the issues and refine the product.
 
After asking them yesterday, got a response:
"Hello Dear,

Thank you for contacting CASHU.


We apologize for the inconvenience caused, would you please provide us with a screenshot with the details of the virus that you are facing.


Should you need further assistance, please do not hesitate to contact us again.

Thank you and best regards,"


Attached the warnings from this post and sent them. (Avast still blocks the site)
 
On my Firefox with uBO & uMatrix installed I get no popup from Eset. The website loads fast, but every script except googletagmanager is allowed, so I'm not sure what uMatrix is blocking here that's making those malicious scripts not load. While on Microsoft Edge (EdgeHTML) with only the Adguard extension enabled, the website takes a lot of time to load and 20+ Eset popups show up. I also have Privacy Possum installed on Firefox, which is blocking 58 referrer headers; not sure if it's related.
 
I was doing some de-obfuscation last night and it looked to me that the JavaScript doesn't support calling home like it would in Magecart attacks via HTTP requests. Furthermore, the service's SSL certificate seems to be fine.

I'm letting them do their jobs - I was requested by them to provide them the details and I have done so. They should be able to fix this soon.
 
I have received a Direct message from @CashU on Twitter

"Hello dear! Actually it's not a malware or something else. Just don't worry about that. We are already working on a fix. For now, you can use our app without any problems or you can add the website to the whitelist. Thank you. "
 
It might not be malware but I can understand why it's being flagged by numerous AVs. It's strange. It's not usual to add obfuscated JavaScript code to the end of scripts from official libraries like jQuery and Owl Carousel - especially with anti-debugging checks. Microsoft, Rising, GData and some others have started flagging it as well now, so the detections are only increasing instead of decreasing.

CASHU told me to send them full details this morning so they could resolve the problem. I did so. The fix hasn't been pushed out yet.
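An added example, not code from this thread or from CashU: a defender-side check in Python that compares a served library script against the pristine release the way Subresource Integrity does, and when the bytes diverge, isolates the appended tail and flags the obfuscation traits described in the post above (hex-escaped strings, `_0x` identifiers, an encoded `debugger` keyword). The library contents below are constructed stand-ins, not real jQuery or Owl Carousel files.

```python
import base64
import hashlib
import re

# Constructed stand-in for a pristine library file (not real jQuery).
CLEAN_LIB = "/*! demo-lib v1.0 */\n(function(){window.demo={v:'1.0'};})();\n"

# Constructed stand-in for the same file as served by a tampered site:
# the original bytes are intact and an obfuscated blob is appended.
SERVED_LIB = CLEAN_LIB + (
    "var _0x1a2b=['\\x64\\x65\\x62\\x75\\x67\\x67\\x65\\x72'];"
    "setInterval(function(){(function(){}).constructor(_0x1a2b[0])()},50);"
)


def sri_hash(text: str) -> str:
    """Return the integrity value a browser would compare against (sha384, base64)."""
    digest = hashlib.sha384(text.encode("utf-8")).digest()
    return "sha384-" + base64.b64encode(digest).decode("ascii")


def check_served_library(clean: str, served: str) -> dict:
    """Compare a served script with the pristine release and describe any tampering."""
    result = {"sri_match": sri_hash(clean) == sri_hash(served), "appended": "", "indicators": []}
    if result["sri_match"]:
        return result
    # Locate the first character where the two files diverge.
    i = 0
    limit = min(len(clean), len(served))
    while i < limit and clean[i] == served[i]:
        i += 1
    tail = served[i:]
    result["appended"] = tail
    # True when the library itself is untouched and code was only glued on at the end.
    result["appended_at_end"] = i == len(clean)
    # Heuristics for the traits mentioned in the thread.
    if re.search(r"(\\x[0-9a-fA-F]{2}){4,}", tail):
        result["indicators"].append("hex-escaped strings")
    if re.search(r"_0x[0-9a-f]{4,}", tail):
        result["indicators"].append("obfuscator-style identifiers")
    # Decode \xNN escapes so an encoded anti-debugging keyword is still caught.
    decoded = re.sub(r"\\x([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), tail)
    if "debugger" in decoded:
        result["indicators"].append("debugger keyword (possibly encoded)")
    return result


if __name__ == "__main__":
    print(check_served_library(CLEAN_LIB, SERVED_LIB))
```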