Malware site on Photobucket?

Talk about internet security, computer security, personal security, your social security number...
Post Reply
barbaz
Senior Member
Posts: 9147
Joined: Sat Aug 03, 2013 5:45 pm

Malware site on Photobucket?

Post by barbaz » Wed Aug 05, 2015 4:19 am

Went to photobucket to view some images, and saw escokuro.com in my script list... it wasn't there before.. it wasn't present in my ABP filters, so did a search, and found almost nothing informative.. except this:
That Photobucket is a damn trojan ....
httq :// cdn . www1 .escokuro. com /inf_pu_toolkit_v2.swf SWF/Exploit.ExKit.AT trojan
connection terminated - quarantined
Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.

(link broken by me)

That domain went straight to Untrusted and is blocked in several other addons here as well now. I think I should even add it to my HOSTS file.

Did NoScript fully stop the threat simply by not letting anything from that domain load?
*Always* check the changelogs BEFORE updating that important software!
-

User avatar
Thrawn
Senior Member
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:

Re: Malware site on Photobucket?

Post by Thrawn » Wed Aug 05, 2015 4:47 am

Offhand, I'd say, probably. Only sites that can run active content would be able to attack your machine. So unless someone put malware into the main photobucket domain, you're probably OK.
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:39.0) Gecko/20100101 Firefox/39.0

barbaz
Senior Member
Posts: 9147
Joined: Sat Aug 03, 2013 5:45 pm

Re: Malware site on Photobucket?

Post by barbaz » Wed Aug 05, 2015 6:19 pm

Good. I didn't think there was any issue given that I have antivirus monitoring everything my browser would fetch and nothing was flagged, but did a full system scan with ClamXav anyway before I saw your response, and the only files that turned up infected were definitely not related to this (possibly false positives, actually), so given your reply I think I'm fine.

Just shows how important it is to use some kind of default-deny tool for potentially dangerous stuff.
*Always* check the changelogs BEFORE updating that important software!
-

Post Reply