ets2.gr: badware

[ghost]

Prerequisites

• [X] I read and understand the policy about what is a valid filter issue.
• [X] This is NOT a YouTube, Facebook or Twitch report.
• [X] I verified that this issue is not a duplicate. (Search here to find out.)
• [X] I forced an update of my filter lists. (Click the "Purge all caches" button while holding the 'Shift' key, then click the "Update now" button.)
• [X] I did not remove any of the default filter lists, or I have verified that the issue was not caused by removing any of the default lists.
• [X] I did not enable additional filter lists, or I have verified that the issue still occurs without enabling additional filter lists.
• [X] I do not have custom filters/rules, or I have verified that the issue still occurs without custom filters/rules.
• [X] I am not using uBlock Origin (uBO) along with other content blocker extensions.
• [X] I have verified that the web browser's built-in blocker or DNS blocking (standalone or through a VPN) is not causing the issue.
• [ ] I did not answer truthfully to ALL the above checkpoints.

URL(s) where the issue occurs.

https://ets2.gr/

Description

According to VirusTotal[1] and ThreatFox[2], this website is confirmed as malicious, serves as a malware payload delivery host and the domain is used by GOOTLOADER. It is actively being blocked by custom filters like OISD.nl, but not by uBlock's default filters.

Other extensions used

none

Screenshot(s)

Screenshot(s)

Configuration

Details

```yaml ```

[gorhill]

I don't see the site listed in ThreatFox's hosts file, suggesting it's no longer an issue? It says "Last seen: 2023-08-25".

[ghost]

Although I am not a professional analyst, the following second opinion scanners indicate that the website is still malicious.

Results #1 Results #2