Today I encountered a threat block by avast, I got quite paranoid since I did not open anything except a website called Ink361 that I just used to view an “instagram profile”. The threat blocked was by a url from: “purehotcompany.xyz”, infection: URL:MAL might it be a malicious ad that was parked there and was gone afterwards? since I refreshed the page for about an hour nothing else has come up and I know that Ink361 is a legitimate website.
on Ink361 there are ads, so most likely purehotcompany.xyz belongs to a blacklisted ad URL
Or it may is or have been infected, this is what Sophos say
“Access to this page is blocked as the threat Mal/HTMLGen-A has been found on this website.”
Spam Haus states the site, -purehotcompany.xy, is listed in the DBL
so the website blocked for a reason.
When this threat was blocked by Avast you should be OK, no malcode could have had any effect onto your device,
as Avast even prevented your computer from connecting there. Avast has saved your glorious b°h°nd.
Yes and I thank avast for doing that, however i’m curious as to what caused it as I did not visit the said site. could it have been an ad on Ink361? that’s my main question.
In plain words the answer means that when Avast blocks a threat, the malware could not have made contact with your computer,
and that you had a lucky escape. Avast protected you from a malware infection! You are safe and secure!
polonus
The cause is a so-called redirect to a malware website when you visit site A that has hidden redirectcode to a malcoded site B (the site you claimed you never clicked, and you did not, but were brought there by infection) you can infested, you never willfully clicked that website but you were directed there through probably hidden obfuscated malcode. Site A could not be aware malcreants have added such a malicious hidden redirect to their website, but Avast detected it and made you could not go there by blocking it. It is a bit sinister story but malcreants work in such hideous ways to infest the unaware and those without protection from Avast.
In quite some instances it does, but I would run no risk whatsoever and install a good adblocker like uBlock in the browser.
With all the malicious adware around you cannot live without a decent adblocker now.
On Android I would surf as a ´two-staged rocket´ first install these two apps: Tap&Trust and AdblockBrowser. Now when you have entered your search query in the search bar on the Smartphone first click Tap&Trust and then click AdblockBrowser and your search results will open up without any ads.
That’s really good to know especially since I also use search on my mobile! would an ad blocker work with my added extensions avast online security and my web of trust though?
I have already reported the instance to Ink361’s support as I think it might have been a 1/1000 instance of a bad ad or rather a bad redirect on their page since virustotal shows nothing wrong/suspicious with their website.
To scan a website after a VT scan, click “additional information” tab and scroll down to bottom
Click on the Sucuri or Quttera links for website scanning
For scanning website with VT you need to get the html code and upload that to VT as a file
Thank you for the tips and for clarifying my question really helps to know that it was indeed a rogue ad on a legit website and has been already taken down.