Jump to content
jwclack52

ANSWERED att.com malvertising

Recommended Posts

All of a sudden MB is block att.com (using current Chrome) with a malvertising caution:

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 2/13/19
Protection Event Time: 5:30 PM
Log File: 060c9ac2-2fdf-11e9-a4b3-b06ebf2ffa59.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.538
Update Package Version: 1.0.9252
License: Premium

-System Information-
OS: Windows 10 (Build 17763.292)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: Trojan
Domain: netcheckcdn.xyz
IP Address: 64.58.121.60
Port: [57268]
Type: Outbound
File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(end)

No such block using MS Edge.

 

Share this post


Link to post
Share on other sites

All right - I just created a Win10 VM from scratch, installed MBAM premium and Chrome.   Went to ATT.COM and, sure enough, got the same warning from MBAM.  I wasn't even signed in to Chrome. 

This is obviously a false positive / bug in MBAM.  I regret that this has wasted so much of my time.  This needs to be addressed immediately.

JWC

Share this post


Link to post
Share on other sites

In my 30+ years of being an IT professional, I have found that when I submit a valid problem/bug with software, it is invariably met with silence by the vendor.  This tells me that it is, indeed a bug in the product - certainly the case here.

The question here is, has the company not responded because they are hard at work fixing the bug or are they simply ignoring the customers problem in the hope that they (the customer) will go away?  How dare a customer demand that their software actually work?!?

Share this post


Link to post
Share on other sites

This has nothing to do with chrome sync.  Yesterday I created a virgin Win10 VM and installed MBAM, then Chrome.  WITHOUT SIGNING IN TO THE NEWLY INSTALLED CHROME, I navigated to ATT.COM and MBAM threw up the same warning.  MBAM has all of the pertinent files from this VM.  The silence is deafening.

Share this post


Link to post
Share on other sites

This has nothing to do with your browser or a trojan on your system.  I created a virgin Win10 VM and installed MBAM, then Chrome.  WITHOUT SIGNING IN TO THE NEWLY INSTALLED CHROME, I navigated to ATT.COM and MBAM threw up the same warning.  MBAM has all of the pertinent files from this VM.  The silence is deafening.

Share this post


Link to post
Share on other sites

Thanks for posting.  And especially for going through the VM machine exercise.  Very helpful, and so I've reached the same conclusion you did - product bug/false positives. 

I did all the diagnostics yesterday before realizing that it wasn't my machine or setup.  Same as everybody else is saying here - MB immediately flags two domains when accessing att.com - worldnaturenet.xyz (Trojan category) and netcheckcdn.xyz (fraud category).  No issues on ANY other websites, no issues on ANY other browser.  I'm sure we didn't all just coincidentally catch the exact same malware this week! I'm still shaking my head at the long list of solutions offered that did not work for any of us.  

Again, thanks for posting.  

 

 

 

Share this post


Link to post
Share on other sites

Thanks.  I still haven't heard anything about this here on the forums nor after submitting a ticket w/ "support."

Share this post


Link to post
Share on other sites
On 2/16/2019 at 2:24 PM, nasdaq said:

Hi,

Experts here are beginning to suspect ATT.COM.

Contact them.

We have many topics with that error and no solution found yet.

Hmmmm....  Maybe MBAM reps, those who are getting paid to support MBAM, should contact ATT?  We users have to work in order to pay for MBAM.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.