Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Virus total got hacked ?

Posted on 2016-09-16
10
Medium Priority
?
137 Views
Last Modified: 2016-10-06
https://www.virustotal.com/index.html#!/home  

Virus total changed website design or they got hacked?
0
Comment
Question by:yodaa
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 19

Assisted Solution

by:*** Hopeleonie ***
*** Hopeleonie *** earned 500 total points (awarded by participants)
ID: 41801958
No. https://www.virustotal.com lookst still same.
They may be starting something :-)
0
 
LVL 10

Assisted Solution

by:Carlos Ijalba
Carlos Ijalba earned 500 total points (awarded by participants)
ID: 41802049
It looks perfectly normal to me, post a screenshot of what you see just in case that is the PC where you are looking from that has some internal redirect to some other page.

But so far so good, it's as good as always!
0
 

Author Comment

by:yodaa
ID: 41802353
hmmm

Capture.PNG
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
LVL 65

Accepted Solution

by:
btan earned 1000 total points (awarded by participants)
ID: 41802566
Not hacked for VirusTotal. http://www.urlvoid.com/scan/virustotal.com/

At this writing on the scan above shows legit website but it seems that your capture shows otherwise in term of the layout.

When using it (https://www.virustotal.com/index.html#!/home) in the browser, it should be redirected to https://www.virustotal.com/#!/home, but it seems that your captures did not have that. Try using the redirected URL and also try other browser, clean away your cache. Hope it is not the ISP issue

For assurance, you can run adwCleaner and Junkware removal kit on your machine.
0
 

Author Comment

by:yodaa
ID: 41802707
ISP issue ?
0
 
LVL 65

Assisted Solution

by:btan
btan earned 1000 total points (awarded by participants)
ID: 41802714
Some country can control the Web traffic like China and some other.. but this case maybe more a machine as other machine is alright..you should try as those mentioned
0
 
LVL 10

Assisted Solution

by:Carlos Ijalba
Carlos Ijalba earned 500 total points (awarded by participants)
ID: 41802716
Yes your URL of VirusTotal seems weird, as it's not the official one.

Have a look at your hosts file c:\Windows\System32\Drivers\etc\hosts (in case it is a windows machine) to see if there are some redirects there.

Try to open the virustotal URL from other navigators, have you tried from IE, Edge, FireFox & Chrome to see if any of them is affected by a hijacker or search bar and others not?

Try to run a few malware cleaners like btan suggested, you can also try with Malwarebytes, MS own Malicious Software Removal Tool, Spybot Search & Destroy, etc.
0
 

Author Comment

by:yodaa
ID: 41802717
When I google virustotal now and when I clicked on the link It went to original website.
0
 
LVL 65

Assisted Solution

by:btan
btan earned 1000 total points (awarded by participants)
ID: 41802934
Have to check the browser for any extension so as to sieve out any potential ones intercepting or causing those issue mention. Like
-Adware (ads software)
-PUP/LPI (Potentially Undesirable Program)
-Hijacker (Hijack of the browser's homepage)
- toolbars

 Try running with MalwareByte AntiMalware, then run HitmanPro.Alert, also later check with AdwCleaner and Junkware Removal Toolkit
https://www.malwarebytes.com/mwb-download/
http://www.surfright.nl/en/alert
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.bleepingcomputer.com/download/junkware-removal-tool/

I am also thinking on doing network packet capture using wireshark or fiddler / Burp Suite but maybe can be overkill if the above did not reveal anything. It is just to make sure the traffic going out is expected.  based on the URL in the HTTP get packet  Did a quick dns check also did not show the site is malicious
http://mxtoolbox.com/SuperTool.aspx?action=dns%3avirustotal.com&run=toolpage
0
 
LVL 65

Expert Comment

by:btan
ID: 41831399
As suggested.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question