"Secure Connection Failed" - Avast Reports Trojan on Site...

https://drive.google.com/file/d/1-ASCK1ZhFZ5BQwIqFkZCW9O9YIEBLeBQ/view?usp=sharing

My wife’s website can no longer be viewed in any browser I’ve tried. The browser says “Secure Connection Failed”, and then Avast Antivirus generates the message shown in the attached screenshot. This seems to be finding a trojan: “HTML:FakeUpdate-Y [Trj]”.
What does this mean? What does this trojan do? If it’s truly a threat, how may I remove it from the site? Thank you very much!

and then Avast Antivirus generates the message shown in the attached screenshot.
What screenshot ?

Check your wife’s website against:
https://www.virustotal.com/
https://en.internet.nl/
https://sitecheck.sucuri.net/

And see what is found, these can often find security issues, that could result in “Secure Connection Failed” error insecure http connection, etc.#

Attaching Images to your post - When you Click the Reply button it opens a text window for you to post your comment (reply or post).
Click the Preview button, that shows what you have input and expands it to include ‘Attachments and other options’. Click that it further expands, here you can attach images, etc. at the bottom of your post.
See my attached image, click to expand.

I’m not sure exactly how to do this, looks like I can’t DIRECTLY upload a photo, but anyway, here goes…

https://drive.google.com/file/d/1-ASCK1ZhFZ5BQwIqFkZCW9O9YIEBLeBQ/view?usp=sharing

Below the box you write in, see attacment and other options

Click the screenshot in DavidR post and see

I’ll try the image again… :frowning:

Malware detected. https://sitecheck.sucuri.net/results/https/balancetobloom.com

Nothing found here - https://www.virustotal.com/gui/url/0b0dd93a794f5ca72908718a8407fb42e2c051ca0ee3a4d2df783674be57b87d

This is pointing what I mentioned about secure connections - https://en.internet.nl/site/balancetobloom.com/2603928/ - essentially you could be redirected to a fake site.

This is also reporting malware - https://sitecheck.sucuri.net/results/balancetobloom.com and security issues.

HTML code scanned
https://www.virustotal.com/gui/file/d86a3397ca999f46146ee1684427673b0b3e22916aebadf297c9cca304355829?nocache=1

Thanks SO MUCH DavidR! :slight_smile:

      Two out of your three suggested test-sites yielded malware reports!  Now I just wish I knew what I could/should do about it.  Much of what the sites report - I have little/no understanding.  It doesn't appear to be something that an "antivirus" program could simply root out and all would be good.  It 'appears' to be maybe poor/lazy coding choices?  I can't tell...  but I no longer believe this is an Avast problem (false-positive).  What are some decent immediate options for actions I could take to resolve this issue??   :-\
What are some decent immediate options for actions I could take to resolve this issue??
You may contact those who made/host the website to remove the malicious code

Alternative, Sucuri can help you for a fee https://sucuri.net/

Thanks VERY MUCH Pondus!

      So it appears that ONLY Avast and 'Fortinet'(?) detected any problem with the site.(?)  What does that say regarding all of the rest of the antivirus programs on Earth?  Or... could it actually be a false-positive detection?  Either way, I'm still kinda lost as to what to do next, since I'm not at all adept at *WEB* security at all.  Please help and/or point me in the right direction.  Thanks again!

The code is new at virustotal, so the result may change in 48h (see info behind details tab)

History:
First Submission
2024-02-01 00:12:52 UTC
Last Submission
2024-02-01 00:12:52 UTC
Last Analysis
2024-02-01 00:34:50 UTC

Please help and/or point me in the right direction.
I did in my previous reply

@Pondus - Sorry I got your message late! As ignorant as it may sound, we’re still trying to find out who her host is!?! We called some company she used to deal with and they said “IONOS” was the host. Neither I nor my wife has ever heard of IONOS and we have zero recall or evidence that we ever sent them any money. I wrote their support department anyway and I’m awaiting a response. Oh well…

Here you go: https://quttera.com/detailed_report/balancetobloom.com

Malware is malicious javascript, several instances of it. Confirms Avast detection.

What Avast did for you was block and drop the connection to your website, thus preventing or minimizing malicious infection.

Typosquatting: https://app.checkphish.ai/domain-monitor?domain=balancetobloom.com

What is typosquatting?: https://en.wikipedia.org/wiki/Typosquatting

Goodness Mchain!

      Thanks very much for that information.  This is all so new to me, so I've got a lot of studying and work to do now.   8)

You didn’t say.

Are you the owner of this website?

If you are, we may be able to help.