Malware Analysis CashU.com site compromised ?

Andrew3000

Level 11
Verified
Top Poster
Malware Hunter
Well-known
Feb 8, 2016
537
Brave is not properly signed in Eset; you need to check the SSL settings in Eset.
That's mostly the problem with rather new browsers.

Check advanced settings - Web and email:

It is already included in the list, but after switching from automatic to control it seems to block the script (only two warnings, but after a scan no other malicious files were found). Thanks for the tips :)
 

Divine_Barakah

Level 33
Thread author
Verified
Top Poster
Well-known
May 10, 2019
2,289
Any update? Avast still blocks the site. I wrote to the support at the beginning of this thread. No response until now.

CashU support has not responded to me yet. I tweeted @CashU about the issue but my tweet has disappeared somehow :unsure:

Edit: What concerns me the most is that this site is online banking and one should not see such warnings on such sites. Carelessness -_-
 

Divine_Barakah

Level 33
Thread author
Verified
Top Poster
Well-known
May 10, 2019
2,289
Sorry I don't have it installed atm. It may or may not detect it as it doesn't do HTTPS scanning.

Either way I wouldn't trust that site as it is currently.

Thank you @Raiden. Have you uninstalled SHP for the sake of change, or have you encountered any specific issues that steered you away from it? Anyway, yes, this site should be avoided in its current state until something is done by the developers.
 

ForgottenSeer 72227

Thank you @Raiden. Have you uninstalled SHP for the sake of change, or have you encountered any specific issues that steered you away from it? Anyway, yes, this site should be avoided in its current state until something is done by the developers.

Mostly to try out different programs. I do like SHP a lot, it's improved, but it still needs a bit of work. For me the biggest annoyance is that it does impact the boot-up/login time into Windows. There's a definite lag there, especially when I compare it to WD and Eset in that regard. I still keep a close eye on it and I will for sure be participating in the beta once it's released.
 

Divine_Barakah

Level 33
Thread author
Verified
Top Poster
Well-known
May 10, 2019
2,289
Mostly to try out different programs. I do like SHP a lot, it's improved, but it still needs a bit of work. For me the biggest annoyance is that it does impact the boot-up/login time into Windows. There's a definite lag there, especially when I compare it to WD and Eset in that regard. I still keep a close eye on it and I will for sure be participating in the beta once it's released.
Yes, the new version shows great improvement, especially when it comes to performance. I like SHP too but will wait for the next version which, I hope, will address all the issues and refine the product.
 

lThinkFreel

Level 2
Jun 24, 2019
66
After asking them yesterday, I got a response:
"Hello Dear,

Thank you for contacting CASHU.

We apologize for the inconvenience caused, would you please provide us with a screenshot with the details of the virus that you are facing.

Should you need further assistance, please do not hesitate to contact us again.

Thank you and best regards,"

I attached the warnings from this post and sent them. (Avast still blocks the site.)
 

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,862
On my Firefox with uBO & uMatrix installed I get no popup from Eset. The website loads fast, but every script except googletagmanager is allowed, so I'm not sure what uMatrix is blocking here that's making those malicious scripts not load. While on Microsoft Edge (EdgeHTML) with only the Adguard extension enabled, the website takes a lot of time to load and 20+ Eset popups show up. I also have Privacy Possum installed on Firefox, which is blocking 58 referrer headers; not sure if it's related.
 

436880927

I was doing some de-obfuscation last night and it looked to me that the JavaScript doesn't support calling home like it would in Magecart attacks via HTTP requests. Furthermore, the service's SSL certificate seems to be fine.

I'm letting them do their jobs - I was requested by them to provide them the details and I have done so. They should be able to fix this soon.
 

436880927

It might not be malware, but I can understand why it's being flagged by numerous AVs. It's strange. It's not usual to add obfuscated JavaScript code to the end of scripts from official libraries like jQuery and Owl Carousel, especially with anti-debugging checks. Microsoft, Rising, GData and some others have started flagging it as well now, so the detections are only increasing instead of decreasing.

CASHU told me to send them full details this morning so they could resolve the problem. I did so. The fix hasn't been pushed out yet.
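A defender-side check for the indicator described in the post above (obfuscated code appended to the end of an official library file), as an added example that is not from this thread or from any poster: it compares the served copy of a library against the upstream file by Subresource Integrity hash and, when the upstream content survives unchanged as a prefix, reports the appended tail together with a few rough heuristic markers such as a `debugger` statement. The library bytes and the appended tail are constructed samples, not the real CashU scripts.

```python
import base64
import hashlib
import re

# Constructed sample: a stand-in for a vendor library file as shipped upstream.
KNOWN_GOOD_JS = b"/*! demo-lib v1.0 */\n!function(){window.demoLib={version:'1.0'}}();\n"

# Constructed sample: the same file as served by a site, with extra code appended at the end.
SERVED_JS = KNOWN_GOOD_JS + (
    b"(function(){setInterval(function(){debugger;},500);"
    b"eval(String.fromCharCode(118,97,114));})();"
)

# Markers that often accompany appended, obfuscated code. Heuristics only, not proof of malice.
SUSPECT_PATTERNS = {
    "debugger_statement": re.compile(rb"\bdebugger\b"),
    "eval_call": re.compile(rb"\beval\s*\("),
    "fromCharCode": re.compile(rb"String\.fromCharCode"),
}


def sri_hash(data: bytes) -> str:
    """Return the Subresource Integrity value (sha384-<base64>) for a resource."""
    return "sha384-" + base64.b64encode(hashlib.sha384(data).digest()).decode()


def analyze_library(served: bytes, known_good: bytes) -> dict:
    """Compare a served library with its upstream copy and describe any appended tail."""
    result = {
        "sri_match": sri_hash(served) == sri_hash(known_good),
        "appended": False,
        "tail_length": 0,
        "indicators": [],
    }
    if result["sri_match"]:
        return result
    # If the original file survives intact as a prefix, the difference is appended code.
    if served.startswith(known_good):
        tail = served[len(known_good):]
        result["appended"] = True
        result["tail_length"] = len(tail)
        result["indicators"] = [name for name, pat in SUSPECT_PATTERNS.items() if pat.search(tail)]
    return result


if __name__ == "__main__":
    print(sri_hash(KNOWN_GOOD_JS))
    print(analyze_library(SERVED_JS, KNOWN_GOOD_JS))
```

Publishing the upstream hash in an `integrity` attribute on the `<script>` tag makes the browser refuse a modified copy outright; the comparison above is the same check done offline against a downloaded file.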
 
