Eset is blocking sites and maybe Analytics?

Discussion in 'ESET Smart Security' started by Richard Conram, Aug 28, 2012.

Thread Status:
Not open for further replies.
  1. Richard Conram

    Richard Conram Registered Member

    Joined:
    Feb 8, 2007
    Posts:
    43
    Location:
    Sweden
    It seems that Eset software is currently blocking access to sites under the domain relicnews.com.

    Even some indications it may be related to Google Analytics.

    Now, this is a serious site and I have been a member of its forums for over a decade, granted that Ads and other "imported" scripts may import code under no or little control, but all in all I want an explanation and cant find it on Esets site.

    You may see a thread about this here:
    http://forums.relicnews.com/showthread.php?268466-Heads-up-my-AV-blocks-RN (no login required).

    Explanation please?
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    The site is hosting the Sirefef rootkit which is updated to a newer version on a regular basis.
     
  3. Richard Conram

    Richard Conram Registered Member

    Joined:
    Feb 8, 2007
    Posts:
    43
    Location:
    Sweden
    Hmm, afaik, that is a Unix Webserver, how can it be infected with a root kit according to this description?

    It makes little sense
     
    Last edited: Aug 28, 2012
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    I didn't say the server is infected. The attacker somehow managed to get access to the web server so removing the malware, changing the credentials for ftp accounts and updating the software running on the server are highly recommended.
     
  5. Richard Conram

    Richard Conram Registered Member

    Joined:
    Feb 8, 2007
    Posts:
    43
    Location:
    Sweden
    Ok the guys behind the site are getting reports that not only Eset is blocking it but now also Macafee

    There should be no current reason for this and frankly, the information about how this came to occur in the first place is lacking. I am aware of some "lists" on the net that relies on voluntary contributions by any unhappy browsing person. Is Eset using some of these lists? 'Cause once you get on one of those, the job to getting off it can be tedious. Regardless of what amount of threat the site really is to its visitors.
     
    Last edited: Sep 2, 2012
Thread Status:
Not open for further replies.