clicktotweet site has a virus?

Viruses and worms
1

Hello, Today i was going to make a tweet with a link so people could click by going to hxxp://clicktotweet.com and avast popped up and said the site has a Trojan Horse on it and so it was blocked.
The details is
Object: hxxp://clicktotweet.com/|>{gzip}
Infection: JS:ScriptPE-inf [Trj]
Action: Connection aborted

IS This a False Positive? ???

2

If webshield blocked it I would tend to think it is genuine

There is probably something in this |>{gzip}

3

http://forum.avast.com/index.php?topic=65606.0
http://forum.avast.com/index.php?topic=65621.0

4

I went to this site on Portable firefox and portable google chrome but i couldn’t go to the site Firefox said it was unsafe and google chrome 6 said it was Malware on it.

5

Read the other topics and you will see that firefox safe browsing also flags this as an attack site.

See my post, http://forum.avast.com/index.php?topic=65621.msg554344#msg554344.

6

Ok So I Guess ClickToTweet website is infected. I told everybody on twitter that follows me to not use it hopefully they will not use the site. :slight_smile:

7

Given the image Milos, one of the avast virus labs team poster in the topic I mentioned, http://forum.avast.com/index.php?topic=65621.msg554222#msg554222. Which is pointing to what is likely to be a malicious site, http://www.google.com/safebrowsing/diagnostic?site=http://withthefirstgo.com/&hl=en and http://www.mywot.com/en/scorecard/withthefirstgo.com.

I would say it appears to be a good detection and the site may have been hacked.

8

Your right i found the owner of the sites email i told him. They told me in a reply that it may take a very long time for him to fix this and fix the security issue that caused them to get hacked

9

Absolutely and the thing is that avast is basically the only AV detecting this, when I checked it out on virustotal it was only avast and gdata (the avast scanner element) that detected it.

http://www.virustotal.com/file-scan/report.html?id=a864e3a570d731dae547669df2ca2ed33a3d508c67ef528a2db2cb9bfac4ed65-1288404814

I can’t understand that attitude, it might take a very long time to fix. It should take seconds to pull the site, put a site under maintenance page and ensure their users aren’t put at risk. Not to mention that would be a great incentive to resolve it quickly and get the site back on-line.

Yes the biggest problem isn’t removing the inserted script tags but finding the vulnerability that is being exploited.

10

:smiley: Clicktotweet fixed their website avast doesn’t pop up any more telling me that the site is unsafe. :slight_smile:

11

So much for it taking a long time ;D
No alert with firefox either.

12

No Alert With Google Chrome Portable Either ;D