This malware being flagged on site?

Viruses and worms
1

http://killmalware.com/reveszeubonto.hu/# infested with Trojan.Script.Expack.bqgmvl.
Avast detects this as JS:Iframe-BNY [Trj]. This is a high risk page: https://app.webinspector.com/public/reports/28541386
Trojans detected:
Object: -http://reveszeubonto.hu/
SHA1: 9f4b14a7168f0c3890aa1ab60b12e3820f0f3630
Name: TrojWare.JS.Agent.LE
Infested and blacklisted site: http://sitecheck.sucuri.net/results/reveszeubonto.hu
The exploit injection: htxps://github.com/MaxCDN/bootstrap-cdn/issues/128 (sneaky code doing user-agent detection, partly solved threat).
Site vulnerable to clickjacking.
IP is also a PHISH - badness history: https://www.virustotal.com/nl/ip-address/46.107.233.228/information/
Also consider: http://www.scumware.org/report/46.107.233.228 (listed at IPblocklist).
Given as dead: http://support.clean-mx.de/clean-mx/phishing.php?id=3435102

polonus

2

BlackHole - First submission 2013-07-02 00:04:56 UTC ( 1 year, 6 months ago )
https://www.virustotal.com/en/file/ced5ce4db272f1b7c20376e7ce8af4f4c4db80fe96f861b15562c40ad0d3ca18/analysis/1420672364/

old code and still some big vendors dont detect? ESET, TrendMicro, Symantec …

3

Hi Pondus,

Thanks for confirming this as an oldie, site still being blocked online by Stop Malware ORG.

polonus