gwillem / magento-malware-scanner

Scanner, signatures and the largest collection of Magento malware
GNU General Public License v3.0

Add burner domain #207

Closed thomasbrockmeier closed 6 years ago

thomasbrockmeier commented 6 years ago

Received a malware snippet that posts credit card details to an endpoint on brewtees.com.

gwillem commented 6 years ago

tnx!

gwillem commented 6 years ago

Oops, merged too quickly. In the context of this scanner, burners are domains that are solely registered for malicious intent. In other words, they don't surface for legitimate purposes elsewhere.

In this case, brewtees.com seems to be a legitimate domain which is hijacked. To prevent false positives, we should only add the full endpoint URL in the backend/frontend.txt.
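The false-positive concern raised in the comment above, shown as an added example that is not part of the thread or of the scanner's own code. It assumes signatures are matched as plain case-insensitive substrings (the scanner's real rule format may differ); the endpoint path is a placeholder because the thread does not give it, and all sample file contents are constructed.

```python
# Added illustration; not code from magento-malware-scanner.
# Assumption: a signature is a literal substring, matched case-insensitively.

DOMAIN_SIG = "brewtees.com"
# The thread does not state the endpoint path, so this is a labelled placeholder.
ENDPOINT_SIG = "brewtees.com/PLACEHOLDER-ENDPOINT"

# Constructed sample files (not real site content and not real malware).
SAMPLES = {
    "cms_block_partner_link.html": '<a href="https://brewtees.com/">Our shirt supplier</a>',
    "order_export.csv": "1001,support@brewtees.com,shipped",
    "injected_checkout.js": 'var dest = "https://brewtees.com/PLACEHOLDER-ENDPOINT";',
    "clean_checkout.js": "var dest = '/checkout/onepage/saveOrder';",
}

# Ground truth for the constructed samples: only this file is malicious.
KNOWN_BAD = {"injected_checkout.js"}


def scan(files, signatures):
    """Return the sorted names of files that contain any of the signatures."""
    hits = []
    for name, body in files.items():
        lowered = body.lower()
        if any(sig.lower() in lowered for sig in signatures):
            hits.append(name)
    return sorted(hits)


def false_positives(files, signatures, known_bad):
    """Files flagged by the signatures that are not actually malicious."""
    return [name for name in scan(files, signatures) if name not in known_bad]


if __name__ == "__main__":
    for label, sig in (("domain only", DOMAIN_SIG), ("full endpoint", ENDPOINT_SIG)):
        print(label, "hits:", scan(SAMPLES, [sig]))
        print(label, "false positives:", false_positives(SAMPLES, [sig], KNOWN_BAD))
```

On a hijacked but otherwise legitimate domain, the domain-only signature also flags the partner link and the customer e-mail address, while the full-endpoint signature flags only the injected file.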

thomasbrockmeier commented 6 years ago

Thanks for the heads up! Will make sure to add future domains accordingly.