Jump to content

Unsure if anything has been done


Recommended Posts

Hi there, I apologize if this is not the right use of the forums, the be perfectly honest I am just stressed with playing catch-up whenever a relative clicks on a link someone sends them on facebook. 

 

I am hoping someone can give me a bit of reassurance here, my mother clicked a link from someone who's account has been compromised  but nothing seems to have happened, here is the message and link in question.

image.png.ac16975cba452a007c8b9592ecc7e92e.png

image.png

Edited by modfolder
Link to post
Share on other sites

Gonna be honest I pressed enter trying to start a new line and it ended up posting, this is the link in question http://tiktok.ti3fsaa.cloud/pO7yKKx
After checking virus total (https://www.virustotal.com/gui/url/817202235e48d1bdc673c1ee252f4360806ac1b634eb1f75d1fa63314bd62419?nocache=1) it only gets detected by BitDefender and "alphamountain.ai" but it is sketch none-the-less.

Link to post
Share on other sites

It is blocked by both the Premium and Browser guard.

Malwarebytes does not report web blocks on Virus total.

image.png.c6f90a137c2a3930dbd3bc184334997a.png

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 2/21/23
Protection Event Time: 1:32 PM
Log File: 7fbc8358-b21e-11ed-9a6a-4439c43a4aa3.json

-Software Information-
Version: 4.5.23.241
Components Version: 1.0.1920
Update Package Version: 1.0.65969
License: Premium

-System Information-
OS: Windows 10 (Build 19045.2604)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, ,

-Website Data-
Category: RiskWare
Domain: polo.thegadgetguru.club
IP Address: 64.227.23.114
Port: 80
Type: Outbound
File: C:\Program Files\Mozilla Firefox\firefox.exe

 

(end)

Link to post
Share on other sites

1 minute ago, Porthos said:

It is blocked by both the Premium and Browser guard.

Malwarebytes does not report web blocks on Virus total.

image.png.c6f90a137c2a3930dbd3bc184334997a.png

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 2/21/23
Protection Event Time: 1:32 PM
Log File: 7fbc8358-b21e-11ed-9a6a-4439c43a4aa3.json

-Software Information-
Version: 4.5.23.241
Components Version: 1.0.1920
Update Package Version: 1.0.65969
License: Premium

-System Information-
OS: Windows 10 (Build 19045.2604)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, ,

-Website Data-
Category: RiskWare
Domain: polo.thegadgetguru.club
IP Address: 64.227.23.114
Port: 80
Type: Outbound
File: C:\Program Files\Mozilla Firefox\firefox.exe

 

(end)

I realized this after going to open it on my pc. she opened it on her tablet though, from the looks of it, it just redirects to a phishing website to try and get people to log in using their facebook details. So long as details weren't entered should I feel confident that nothing bad has happened or is it possible for malware to be installed by simply clicking a link on an android tablet? (Running a full scan as we speak.)

Link to post
Share on other sites

2 minutes ago, modfolder said:

it just redirects to a phishing website to try and get people to log in using their facebook details.

It redirects to several sites.

image.thumb.png.421ff06a412620b684c262982d373d42.png

4 minutes ago, modfolder said:

So long as details weren't entered should I feel confident that nothing bad has happened

Most likely.

Link to post
Share on other sites

1 hour ago, modfolder said:

I realized this after going to open it on my pc. she opened it on her tablet though, from the looks of it, it just redirects to a phishing website to try and get people to log in using their facebook details. So long as details weren't entered should I feel confident that nothing bad has happened or is it possible for malware to be installed by simply clicking a link on an android tablet? (Running a full scan as we speak.)

Hi @modfolder,

Yep, you are correct.  These sites are usually just trying to trick users into entering personal information.  Unless an app was downloaded and explicitly installed (user confirms install), very low chance of infection.

Link to post
Share on other sites

32 minutes ago, mbam_mtbr said:

Hi @modfolder,

Yep, you are correct.  These sites are usually just trying to trick users into entering personal information.  Unless an app was downloaded and explicitly installed (user confirms install), very low chance of infection.

Thanks for that, she is quite cautious when it comes to downloading stuff and from what I've been told when she clicked the link nothing loaded for her. If something had been downloaded would a malwarebytes scan clear it up or would it be best to go nuclear and factory reset the tablet.

Link to post
Share on other sites

Hi @modfolder,

Yes, Malwarebytes scan would detect if classified malware was found.  If you're still worried about it, skip the Factory Reset and send over an Apps Report.  I can double check you're all clear.

To send an Apps Report with Malwarebytes for Android use the following instructions.

  1. Open the Malwarebytes for Android app.
  2. Tap the Menu icon.
  3. Tap Your apps.
  4. Tap three lines icon in upper right corner.
  5. Tap Send to support

Choose an email app to send Apps Report.

Your email app will open with the Apps Report included.

At this point, it would be very helpful to mention you are submitting via recommendation from the Malwarebytes forum.  This allows our support staff to know where to direct it.

By sending the Apps Report, you will create a ticket in our support system.

Private Message (PM) me the email used and/or the ticket number assigned.

  • Like 1
  • Thanks 1
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.