Secure Endpoint Detecting Trojan on My Open Source Project Website
03-28-2022 10:08 PM
I run an open source project, and I recently had a user contact me to let me know that Cisco Security Endpoint is detecting the JS:Trojan.Cryxos.8744 trojan on my website. I've scoured the site/server with numerous CLI virus and malware scanners, as well as numerous remote scanners, and absolutely nothing is being detected. I've also looked through the server and I'm unable to find any issues.
Is there anywhere I can submit my site with Cisco to have it analyzed, or is there someone I can contact to get further information about what's being detected and where?
Labels: Endpoint Security
03-30-2022 08:22 AM
Hello @gregLTS,
I assume that the customer downloaded something from your website (browsing/download file) where Secure Endpoint is detecting something. It would be great to have the SHA256 of the detected file, so we can take a deeper look.
Greetings, Thorsten
04-09-2022 04:02 PM - edited 04-09-2022 04:15 PM
The user said they weren't downloading anything when the alert popped up, just visiting the homepage using Firefox. I've included the sha256 of the homepage below. I do also have a single download file offered on the site, so I've included the sha256 for it as well just in case.
Homepage: 5da911b41310e76687a8a4bc1fb9ba8b2a06d3231f4e35df541eccb3a668c65f
Download File: 1aeabcdbc74855b76820c68d95be238bea5401aeb34307c705cc2b4df8ee3eab
