Solved

Virus total got hacked ?

Posted on 2016-09-16
10
37 Views
Last Modified: 2016-10-06
https://www.virustotal.com/index.html#!/home  

Virus total changed website design or they got hacked?
0
Comment
Question by:yodaa
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 18

Assisted Solution

by:hopeleonie
hopeleonie earned 125 total points (awarded by participants)
ID: 41801958
No. https://www.virustotal.com lookst still same.
They may be starting something :-)
0
 
LVL 9

Assisted Solution

by:Carlos Ijalba
Carlos Ijalba earned 125 total points (awarded by participants)
ID: 41802049
It looks perfectly normal to me, post a screenshot of what you see just in case that is the PC where you are looking from that has some internal redirect to some other page.

But so far so good, it's as good as always!
0
 

Author Comment

by:yodaa
ID: 41802353
hmmm

Capture.PNG
0
 
LVL 61

Accepted Solution

by:
btan earned 250 total points (awarded by participants)
ID: 41802566
Not hacked for VirusTotal. http://www.urlvoid.com/scan/virustotal.com/

At this writing on the scan above shows legit website but it seems that your capture shows otherwise in term of the layout.

When using it (https://www.virustotal.com/index.html#!/home) in the browser, it should be redirected to https://www.virustotal.com/#!/home, but it seems that your captures did not have that. Try using the redirected URL and also try other browser, clean away your cache. Hope it is not the ISP issue

For assurance, you can run adwCleaner and Junkware removal kit on your machine.
0
 

Author Comment

by:yodaa
ID: 41802707
ISP issue ?
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 61

Assisted Solution

by:btan
btan earned 250 total points (awarded by participants)
ID: 41802714
Some country can control the Web traffic like China and some other.. but this case maybe more a machine as other machine is alright..you should try as those mentioned
0
 
LVL 9

Assisted Solution

by:Carlos Ijalba
Carlos Ijalba earned 125 total points (awarded by participants)
ID: 41802716
Yes your URL of VirusTotal seems weird, as it's not the official one.

Have a look at your hosts file c:\Windows\System32\Drivers\etc\hosts (in case it is a windows machine) to see if there are some redirects there.

Try to open the virustotal URL from other navigators, have you tried from IE, Edge, FireFox & Chrome to see if any of them is affected by a hijacker or search bar and others not?

Try to run a few malware cleaners like btan suggested, you can also try with Malwarebytes, MS own Malicious Software Removal Tool, Spybot Search & Destroy, etc.
0
 

Author Comment

by:yodaa
ID: 41802717
When I google virustotal now and when I clicked on the link It went to original website.
0
 
LVL 61

Assisted Solution

by:btan
btan earned 250 total points (awarded by participants)
ID: 41802934
Have to check the browser for any extension so as to sieve out any potential ones intercepting or causing those issue mention. Like
-Adware (ads software)
-PUP/LPI (Potentially Undesirable Program)
-Hijacker (Hijack of the browser's homepage)
- toolbars

 Try running with MalwareByte AntiMalware, then run HitmanPro.Alert, also later check with AdwCleaner and Junkware Removal Toolkit
https://www.malwarebytes.com/mwb-download/
http://www.surfright.nl/en/alert
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.bleepingcomputer.com/download/junkware-removal-tool/

I am also thinking on doing network packet capture using wireshark or fiddler / Burp Suite but maybe can be overkill if the above did not reveal anything. It is just to make sure the traffic going out is expected.  based on the URL in the HTTP get packet  Did a quick dns check also did not show the site is malicious
http://mxtoolbox.com/SuperTool.aspx?action=dns%3avirustotal.com&run=toolpage
0
 
LVL 61

Expert Comment

by:btan
ID: 41831399
As suggested.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
OfficeMate Freezes on login or does not load after login credentials are input.
This video discusses moving either the default database or any database to a new volume.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now