BRONZ - Threat Source?

**p.dath** · 15th September 2009, 21:58

Whenever I try to visit:

http://www.bronz.org.nz/

I get the following warning from my Trend Micro antivirus:

URL: http://www.bronz.org.nz/
Rating: Dangerous

Threat details:

Verified fraudulent page or threat source.

I know better than to ignore these. Especially when it says the threat has been verified. Anyone have the email details for those looking after the site? Chances are some hacker has got in and installed a nasty.

**Buddy L** · 15th September 2009, 22:08

was reading the write up in KiwiRider from Bronz, about new law changes reguarding motorbikers.

One law change was, that if Jo Blogs see's your ute with a bike on it, he can no longer find your address, by looking up your rego plate.

But then again, someone does a hit and run, and you get the rego, you won't beable to look up there address to deliver your own "just desserts"

**p.dath** · 15th September 2009, 22:10

Oops, sorry people. I meant to post this in "Off Topic". Should have typed a few more characters in the search box.

**NighthawkNZ:Me** · 15th September 2009, 22:28

Originally Posted by p.dath

Whenever I try to visit:

http://www.bronz.org.nz/

What AV are you using it also could be a false positive I have no problem with the site,

there could also be some fancy java script of php script that your AV is trying be too smart over... or it might be the flash banner, or the addthis Bookmark & Share group link

**p.dath** · 15th September 2009, 22:53

Originally Posted by NighthawkNZ

What AV are you using it also could be a false positive I have no problem with the site,

there could also be some fancy java script of php script that your AV is trying be too smart over... or it might be the flash banner, or the addthis Bookmark & Share group link

Trend Micro. When it says "verified", it means one of their humans has manually verified the threat.

It's not an automatic detection thing.

**Jonno.** · 15th September 2009, 23:14

My av say's it's alright. Humans make errors, that is if someone actually checked it.

**Hard Nut** · 16th September 2009, 02:32

Works for me too mate, went straight in..........Anti virus is AVG Free.

Nuts

**NighthawkNZ:Me** · 16th September 2009, 06:55

Originally Posted by p.dath

Trend Micro. When it says "verified", it means one of their humans has manually verified the threat.

It's not an automatic detection thing.

I mainly use AVast and says its okay... both Nortons, McAfee as well AVG say its okay. There is nothing in the code that should trigger an alert...

The only threat from the BRONZ website is BRONZ themself not pushing and fighting ACC hard enough to keep our levies down

**R6_kid:Me** · 16th September 2009, 08:12

Originally Posted by Buddy L

was reading the write up in KiwiRider from Bronz, about new law changes reguarding motorbikers.

One law change was, that if Jo Blogs see's your ute with a bike on it, he can no longer find your address, by looking up your rego plate.

But then again, someone does a hit and run, and you get the rego, you won't beable to look up there address to deliver your own "just desserts"

That's what the cops are for.

**Usarka** · 16th September 2009, 08:19

Symantec corporate edition's ok too.

Maybe ACC are shareholders in Trend Micro.....

**CookMySock** · 16th September 2009, 09:01

It is possible, even likely, that someone has maliciously and falsely reported the site to some security organisation. This is a useable internet-hassle technique, common between political organisations. If it is, and this is the first time something like this has happened, then you have got off lightly.

There are countless ways to fuck some organisation up on the internet, some of them are horrific, illegal, and expensive to repair, right down to the greatly inconvenient, mildly inconvenient, and mildly amusing. It behooves all internet users to discover and use one of them against their mates at least.

Steve

**p.dath** · 16th September 2009, 09:26

I finally found a URL that lets me look up info on the URL:
https://qa.securecloud.com/reputatio...y?locale=en-US

It says bronz.org.nz contains malicious adware. I'll try emailing Trend to get some more info (doub I'll get a usefull response ...).

**CookMySock** · 16th September 2009, 10:20

Originally Posted by p.dath

It says bronz.org.nz contains malicious adware. I'll try emailing Trend to get some more info (doub I'll get a usefull response ...).

I think you will find they are happy to get your report.

Whether you will get a response or not is a different story, but why do you want one? You are only informing them.

Steve

**Genestho** · 16th September 2009, 10:28

If I were you I'd get hold of the designer/maintenance guy, have them check over the scripts.

I had someone kindly dump some malicious code into my old site, I had it checked over and I was assured it was fine, then on redesign, we found the malicious code!!! Found the source too.

My AV is going to the site just fine.

**CookMySock** · 16th September 2009, 10:50

Originally Posted by T.G.W

I had someone kindly dump some malicious code into my old site, I had it checked over and I was assured it was fine, then on redesign, we found the malicious code!!! Found the source too.

Yes, this is very common.

Often they aren't trying to delete everything - they either just want to hide a little robot in a corner so they can send some spam with it, or else deface your main page for a laugh. People who want to remove your whole site usually have a very good reason for wanting to.

You can usually look through the source and find their meeting place, and go gatecrash it. That can be very funny watching their reaction.

Steve

Thread: BRONZ - Threat Source?

Thread Tools

BRONZ - Threat Source?

Thread Information

Users Browsing this Thread

Bookmarks

Bookmarks

Posting Permissions