Jump to content

5.101.110.225


mutemule

Recommended Posts

I'm unable to determine why exactly MB is flagging this as a bad domain, as it's not giving any details about files. Here's the log in its entirety:
 

-Software Information-
Version: 4.1.0.56
Components Version: 1.0.896
Update Package Version: 1.0.23634
License: Trial

-System Information-
OS: Windows 10 (Build 18362.815)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0

-Website Data-
Category: Trojan
Domain: flowai.ams3.digitaloceanspaces.com
IP Address: 5.101.110.225
Port: 443
Type: Outbound
File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

I'm digging into this because someone visited a site that has embedded resources from hxxps://flow.ai/, and MB is throwing up a trojan warning, but not providing any specifics: no trojan name, no filename, no history.

You can replicate this simply by visiting hxxp://flowai.ams3.digitaloceanspaces.com/.

(Hopefully this report is sufficient. Some of the guidance given around providing logs and information is a bit dated, and I couldn't find logs in the places instructed.)

Link to post
Share on other sites

  • Staff

Hello, 

Please see here:

Block is on *.ams3.digitaloceanspaces.com

Details:

https://www.virustotal.com/gui/url/c881a769037ab6bf99b85cc8bf196888e68cb8e34d5986bba6774b2bbc422200/detection

Also here:

https://www.virustotal.com/gui/file/e1287a7444938798b41d07b65c67d4c8a8315e873aae405a25bae3bcb1288f1b/detection

 

Link to post
Share on other sites

Looking over this in more detail:

digitaloceanspaces.com is effectively a multi-party CDN (like S3). I realize that this is a touchy topic, and I'm not interested in getting deep into this debate, but blocking the entirety of this domain is pretty far-reaching.

I've reported this to Digital Oceans' security team, as I imagine they care about this. Hopefully it gets resolved quickly.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.