BabyMoon Posted June 3, 2017 Share Posted June 3, 2017 Today I tried to login to my Gatehub wallet and after entered my Authy code, the screen said: "Bitdefender blocked this page The page you are trying to access contains Exploit.CVE-2016-0193.Gen." And asked me if I want to get back to safety or proceed. What should I do? Does the site contain malware? @enej, @gatehub Link to comment Share on other sites More sharing options...
Sjarred Posted June 3, 2017 Share Posted June 3, 2017 That's interesting. I use Bitdefender, and have everything set for the highest protection. But I have never encountered that problem. BabyMoon 1 Link to comment Share on other sites More sharing options...
BabyMoon Posted June 3, 2017 Author Share Posted June 3, 2017 @Sjarred Can you try login right now? I've never encountered this block until login 10 minutes ago. I havent login to Gatehub for a few days. I don't know what to do, proceed or not... Please try login and see if it says the same... Link to comment Share on other sites More sharing options...
Sjarred Posted June 3, 2017 Share Posted June 3, 2017 O Yeah, you are correct. I just tried logging into my Gatehub account, and the same exact thing popped up. I just clicked on "Take me there anyway," and it just log me in as usual. With Bitdefender, at times, I have encountered the same message for other trusted websites. Hopefully, it's nothing bad. Let's see the the Gatehub guys will reply to this. Link to comment Share on other sites More sharing options...
ioloi Posted June 3, 2017 Share Posted June 3, 2017 (edited) Same there here, Bitdefender gives me the same cve-2016-0193.gen block message. I've been noticing strange things going on with gatehub this week and notified Gatehub, but they haven't responded yet. According to this Symantec website, it says it is a form of a Trojan. https://www.symantec.com/security_response/landing/azlisting.jsp?azid=E Edited June 3, 2017 by ioloi Link to comment Share on other sites More sharing options...
ioloi Posted June 3, 2017 Share Posted June 3, 2017 Users beware.. Cryptocurrency is getting so very popular these days, and there are plenty of thieves trying to scam you out of your holdings. also from the National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2016-0193#VulnChangeHistoryDiv BabyMoon 1 Link to comment Share on other sites More sharing options...
BabyMoon Posted June 4, 2017 Author Share Posted June 4, 2017 Well the problem still persist now. I suggest not login into Gatehub until we have some explaination from support. But that will take very long as far as I know. I wish they can answer here soon. @enej @gatehub @gregor @RafOlP For the time being you can check your wallet balance via bithomp.com explorer tool. And hope your xrp is still there. Anyone else please try login and see if you are also blocked (vulnerable alert), and tell what virus software you are using. This is getting alarming, vulnerable alert from Gatehub itself. @Mercury @namini Have you seen this kind of report from users earlier? Sorry to bother. Link to comment Share on other sites More sharing options...
kenrino Posted June 4, 2017 Share Posted June 4, 2017 (edited) No warning with my antivirus here, but I don't use Bitdefender. Strangely yesterday, I downloaded ubuntu from official website and firefox warned me it was a virus, obviously it was not. So, I don't know about gatehub & bitdefender, probably a fake positive but of course you can't be too careful. Edited June 4, 2017 by kenrino BabyMoon 1 Link to comment Share on other sites More sharing options...
Guest Posted June 5, 2017 Share Posted June 5, 2017 We are looking into this right now. I will update asap. So far we haven't found any threat on GateHub platform. Link to comment Share on other sites More sharing options...
BabyMoon Posted June 5, 2017 Author Share Posted June 5, 2017 14 minutes ago, gregor said: We are looking into this right now. I will update asap. So far we haven't found any threat on GateHub platform. Thank you for reaching us! I'll wait until you discover something, to feel safe to login again. Link to comment Share on other sites More sharing options...
Guest Posted June 5, 2017 Share Posted June 5, 2017 This is very likely a false positive and we will even further investigate the issue with Bitdefender. We did a full scan of our clients with multiple antivirus programs and have not found any issues. It looks like the file in question is flagged due to minimisation and usage of cryptographic functions. We will again redeploy this scripts and alert should disappear. Scann results: Wallet: https://www.virustotal.com/en/url/0f10652c5bc7fc9cb4bdc09389cbece304ff39f0c0b6f5788801214b1228e653/analysis/1496673671/ Front page: https://www.virustotal.com/en/url/7e0e06d05a6fbeba3f13c44999d126c41f20ea464127344216cc57f21bf3a67b/analysis/1496673650/ Signin: https://www.virustotal.com/en/url/556f4764e3f8d1cf208010db2d8014b2214fc9dd87d8db1380abb2fcd7f37ed4/analysis/1496673600/ Link to comment Share on other sites More sharing options...
Guest Posted June 5, 2017 Share Posted June 5, 2017 One more proof for a false positive is the fact that Bitdefender recognise the threat on the library github as seen here: https://sitecheck.sucuri.net/results/github.com/devtrw/angular-bcrypt/blob/master/dist/dtrw.bcrypt.js The library itself wasn't change on github for last two years. We will report more when we hear from Bitdefender support. Link to comment Share on other sites More sharing options...
BabyMoon Posted June 8, 2017 Author Share Posted June 8, 2017 (edited) Update: Today I tried login again and the block is gone. Many thanks @gregor Edited June 8, 2017 by deplao Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now