Can you please help me identify if the U.A.E.’s No. 2 (probably) portal has been compromised by a Trojan Horse virus?
A moment ago I’ve tried visiting this website dubizzle.com several times with different browsers but it all ended up with me having my AVAST (Free version) warned me about a Trojan Horse infection. Luckily the warning says that the threat was blocked. In all the websites that I’ve recently visited, the warning only showed up in this website alone.
Based on the warning it seems there was a Java script embedded in the website that triggers the infection, it is called (JS:Downloader-AFY )? I don’t know if I’m just the only one experiencing this or maybe my PC was the one who has been infected? I’m regularly visiting this website and it only happens to me just now.
What would you think? Is it safe for users to further browse this website? I’ve attached a screenshot of the said notification in order for you to check if it is just a false-positive?
If I’m right you haven’t get any warning as per shown in the screenshot? If yes, why I’m getting it? Does it mean that the virus resides in my PC and not in the mentioned website?
I get two alerts on that site, one from the web shield, and another one from the file system shield. Wondering how come that the web shield didn’t block everything ??? (apparently there’s an archive involved that complicated the task somehow…)
ps: @ the OP, can you deactivate your link by replacing http by hxxp?
okay the first test with two alerts was in IE9, I just retried with Firefox 4 and there’s only the web shield alert (with JS allowed to run on the site)… so there’s an issue between IE9 and the web shield it seems….
okay, same in Chrome like in Firefox, just a web shield alert, meaning that there’s a flaw somewhere allowing malware to partially bypass the web shield in IE9.
lol forgot to mention something important >>> my first test in IE9 generating a file shield alert was done with IE9 sandboxed >>> see my screen shot above with malware detected in the IE temp folder ;D
C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D0BU9CEB\top_1286364087[1].js [L] JS:Downloader-AFY [Trj] (0)
According to all those experts who lent their time checking this issue it was confirmed that there was a malicious code (malware) embedded on this website on the date that this topic was posted. But as of this writing I didn’t get anymore the same warning that I’d experienced two days ago. If it was fixed or not I don’t know since Dubizzle didn’t issue anything about it?
If indeed it was fixed, we didn’t know when they’d put a stop on it and when they got aware of its occurrence? Dubizzle didn’t post something about the malicious threat probably because of fear of the negative effects of the problem or I just missed the news regarding this?
If they will just go on silent mode and will not admit that their website had been compromised then people who experienced the issue will still have some questions in their minds.
I’m an official representative of Dubizzle.com and I thought I should send a clarification regarding this issue here.
Dubizzle.com is not infected by any Trojan, thus the new Avast definitions update conflicted with the order we loaded our libraries so you may get alerted by Avast when you try to access Dubizzle.com
In the meanwhile, we have updated our code until the conflict is fixed.
