False Positive Trojan Risk


Earlier today a number of our customers using Malwarebytes began reporting problems accessing our site.  I've included a screenshot below.  I think our domain (kickfin.com) or a subdomain of it (apiv2.kickfin.com) is being treated as a trojan risk.  I believe this is a false positive.  We run daily scans using Tenable and everything seems clean.  Can you remove this or tell us why you are flagging this as a trojan risk?


Thank you for your assistance.

Screenshot 2024-08-25 at 4.55.33 PM.png

  • Staff

Hi, mikesyahoo,

Your website has been identified as part of a malicious Gootloader campaign. Could you please check your server logs for any connections or requests from suspicious IP addresses or unusual user agents (e.g., 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36')? If nothing suspicious is found, we can proceed with removing the block.

Thanks for getting back to us.  We've reviewed this on our side checking all of the various platforms that make use of that domain.  We don't see any signs that the platforms were compromised.  We also ran security scans with several different tools and all appear clean.  We are confident that the systems are secure and would request that you remove the block.  Thanks!
