I was just notified by one visitor to my site that they received the following message: Web attack: Malicious JAVA class download 2. He has received this message several times - I have no idea what that means, nor what to do next. I am on a MAC. I am using a Wordpress theme for my website/blog and some wordpress plugins. Can one of those be causing it? Would having any of the Norton Software prevent something like this 'going out' to my viewers? I haven't heard from anyone else with a problem so I don't know if it's just on his end or if my site is infected or trying to infect others...this is all confusing stuff to me! Any help would be appreciated...
Thanks for your quick reply. Answers: I am up to date on my iMac, short of installing Lion. And I just did a series of updates tonight, as a matter of fact. As for FlashBack/FlashFake Trojan, I hadn't a clue what that was about so I googled it and learned a few things. I ran the scripts from Mashable and found no errors. But I've updated my Java. Can you check it again for me when you get a moment and see what you get this time around? thank you so much...this freaks me out since I'm not techie enough to know what to do next...
brendatharp.com
Oh and as for security program, I used to have Norton but it went out of date and I thought I was 'safe' so I hadn't purchased a new program. maybe it's time to do that. :)
I’ll be happy to re-check your site for you. In the meantime I would strongly recommend that you purchase the latest Norton security prouduct to help protect your Mac; I believe Norton Internet Security is still available for Mac it’ll be your best option for securing your Mac. I know Macs’ are less vulnerable to viruses & other malware compared to Windows based computers but it doesn’t mean they’re 100% secure either.
I have been checking your website since you first posted yesterday using various browsers on two different machines. I have not been able to reproduce any alerts from Norton regarding a Malicious JAVA class download 2.
SInce Tech83 saw an alert, it may be a random issue or it may be a false positive.
It would be helpful to know what security program your visitor was using which prompted this alert.
The majority of malicious payloads found on websites have been placed there by third parties. The only way to really confirm if your site has a problem is to contact your hosting provider and inform them you have had reports of Malicious JAVA class download 2. They should be able to check your site at their server level (at no charge) for malicious content and report back to you in short order.
Your website seems to be OK now. I too saw the Norton alert when you first posted. I did notice that Norton was OK while Noscript was blocking scripts, but soon as I unblocked the scripts I got the Norton alert. (There were some strange scripts with names like LITTLE.HEVYZ.IN)
Thank you for your reply - the visitor was using Norton Anti-Virus but I don't know more than that. Hopefully, my Java Update I just did last night also helped, but I'm going to check into getting AV software regardless just to further protect myself...I WILL however contact my server provider as you suggested. Many thanks for that idea.
Thanks, too, fo liking my photographs. It's what I do much better than this internet stuff, lol!
I have re-checked your blog site & didn’t receive a warning when I checked so I think your site’s ok now. But I still recommend you get Norton Internet Security for Mac everything I’ve heard about the product is it’s a very good program.
I was just notified by one visitor to my site that they received the following message: Web attack: Malicious JAVA class download 2. He has received this message several times - I have no idea what that means, nor what to do next. I am on a MAC. I am using a Wordpress theme for my website/blog and some wordpress plugins. Can one of those be causing it? Would having any of the Norton Software prevent something like this 'going out' to my viewers? I haven't heard from anyone else with a problem so I don't know if it's just on his end or if my site is infected or trying to infect others...this is all confusing stuff to me! Any help would be appreciated...
Davec33 wrote: Your website seems to be OK now. I too saw the Norton alert when you first posted. I did notice that Norton was OK while Noscript was blocking scripts, but soon as I unblocked the scripts I got the Norton alert. (There were some strange scripts with names like LITTLE.HEVYZ.IN)
Hi Davec33 and Tech83
This afternoon, I received an IPS alert (Web Attack: Malicious Java Class Download 2) when visiting the OP's site. Could both of you please check your Security History and advise if you have similar attack details to the following?
Thanks
Category: Intrusion Prevention
Date & Time
14/04/2012 15:44
Risk
High
Activity
An intrusion attempt by 31.184.242.164 was blocked.
I as well must confirm the malware alert as being present on your site. As has been previously suggested it’s strongly recommended that you have site host verify that your site’s clean & please make sure your computer is clean as well. I recommend using Norton Internet Security for Mac.
Tech83
P.S. I asked a McAfee user to view your site & they reported a similar message from their security product.