Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: InfoSec Handlers Diary Blog - SANS Internet Storm Center InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

False Positive: Malware Alert

Published: 2013-10-24
Last Updated: 2013-10-24 16:38:43 UTC
by Johannes Ullrich (Version: 1)
3 comment(s)

Update: Barracuda posted a more detailed analysis and packet capture showing that may indeed have been compromissed and delivered a malicious flash file: (thx David for pointing to this)


Earlier today, Google had added to its list of malicious sites. The listing was the result of a false positive triggered by an obfuscated javascript file that is a legitimate part of the site. At this point, the false positive appears to be resolved. 

Sadly, Google is notoriously slow in removing false positives like this. It helps if the site's administrator is signed up with Google Webmaster tools. In this case, a request for review can be filed via webmaster tools, and the administrator will be notified via e-mail if the site is added to the blocklist.

For more details, see:!topic/webmasters/puLmvjtK0m8%5B1-25-false%5D


Johannes B. Ullrich, Ph.D.
SANS Technology Institute

3 comment(s)
Diary Archives