Jump to content

Block list removal request


Go to solution Solved by BjelakovicL,

Recommended Posts

Hello there, 

Our users report to us that MalwareBytes is categorizing us as "RiskWare". We host cybersecurity competitions and technical skills labs, so there are a number of artifacts such as compiled binaries and network pcaps hosted on our site which may be the cause of the categorization. Our domain is cyberskyline .dot. com, what are the steps that we need to take to be removed from the block list?

Thanks for your attention in this matter!

Link to post
Share on other sites

  • Staff

Hi,

Domain is blocked because of these links:

https://cyberskyline.com/artifact/5ca3a87a0aa5052c05874b42/5c73cad2f346a133d37881e1/5cbc99a774381f380ef8182e/5cc0c62ea88474750e71cda5/5cc0c73da88474750e71cda6/download?t=0116
http://cyberskyline.com/artifact/5c858312818ae10923d68fb0/5c73cad2f346a133d37881e1/5cbc99a774381f380ef8182e/5cc0c62ea88474750e71cda5/5cc0c73da88474750e71cda6/download
http://cyberskyline.com/artifact/5abc61e36bbe493b996b7238/5c73cad2f346a133d37881e1/5cbc99a774381f380ef8182e/5cc0c62ea88474750e71cda5/5cc0c73da88474750e71cda6/download?t=0116
http://cyberskyline.com/artifact/5bb42cb94cefcd72612bca88/5c73cad2f346a133d37881e1/5cbc99a774381f380ef8182e/5cc0c62ea88474750e71cda5/5cc0c73da88474750e71cda6/download?t=0116
https://cyberskyline.com/artifact/5abc61e36bbe493b996b7238/5c73cad2f346a133d37881e1/5cbc99a774381f380ef8182e/5cc0c62ea88474750e71cda5/5cc0c73da88474750e71cda6/download?t=0116

VT scan: https://www.virustotal.com/gui/file/579e331780e17ab0938d2b87a37f2218bad11f8890e297e4082cbdf12e0d2fe7

Edited by BjelakovicL
Link to post
Share on other sites

Hi @BjelakovicL, thanks for linking that. Yeah that's one of the artifacts that we host as part of a CTF, it's benign but it contains common malware code so that the users who are tasked with reversing it to identify what domain it's phoning home to (a fictitious one as well) can interact with something realistic. Any recommendations for our particular situation? I suppose we can host it on a separate domain but that seems like a counterintuitive approach as it could be seen as an evasive technique. 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.