Jump to content

Annoying Exploit.JavaMaliciousInboundSocket "Exploit Blocked" Scareware


rcmaehl
Go to solution Solved by rcmaehl,

Recommended Posts

I'm getting spammed with annoying Exploit.JavaMaliciousInboundSocket notifications 2-3 times a minute.

These pop-ups should be setup to not occur if there is no Java process running. With the current setup it is nothing but scareware for users. The internet is being scanned all the damn time by Shodan, Malicious Actors, Researchers, and much much more. Please fix this.

Link to post
Share on other sites

image.thumb.png.f87fe9a34128dfce8218bd5702f76bba.png

The root cause of this is my UniFi AP attempting to contact the UniFi controller runs on this computer as needed, but the UniFi controller not currently running. MalwareBytes has had an issue with this for EIGHT YEARS (Unifi Community Post).

The worst part of this is that there's no way to exclude this spam from MalwareBytes as it doesn't even show up to be allowed

image.png.662996e9aba583379c87a0d4643a293b.png

Link to post
Share on other sites

@rcmaehl Could you post a log instead of the screenshots please.

You can find Scan and Protection logs within the Malwarebytes 4 program in the following location

 

image.png

 

RTP stands for Real-Time Protection and is where automatic protection operations would normally be logged

 

image.png

 

If you click on the View option you should get something similar to the following with other options available.

 

image.png

 

 

 

Thank you

Link to post
Share on other sites

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 2/24/23
Protection Event Time: 3:50 PM
Log File: e463abb6-b484-11ed-bdab-7085c234cfa7.json

-Software Information-
Version: 4.5.22.236
Components Version: 1.0.1915
Update Package Version: 1.0.66073
License: Trial

-System Information-
OS: Windows 10 (Build 19045.2364)
CPU: x64
File System: NTFS
User: System

-Exploit Details-
File: 0
(No malicious items detected)

Exploit: 1
Exploit.JavaMaliciousInboundSocket, , Blocked, 0, 392684, 0.0.0, , 

-Exploit Data-
Affected Application: Java
Protection Layer: Application Behavior Protection
Protection Technique: Java malicious inbound socket detected
File Name: 
URL: 

(end)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.