whichbuffer
commented
3 years ago Hi @gabrielboucher Thank you for contacting with me , I removed this domain inside the config file. Have a great day and be safe.
Closed gabrielboucher closed 3 years ago
whichbuffer
commented
3 years ago Hi @gabrielboucher Thank you for contacting with me , I removed this domain inside the config file. Have a great day and be safe.
Hi,
I am domain admin for n1-headache.com and it has been reported that our domain was used as a potential C&C domain in this file: https://github.com/whichbuffer/Malware-Analysis/blob/main/MalwareSample/REvil/config_decoded.txt#L129
Our server has since then been cleaned up after this report but our domain keeps being marked as potentially malicious by various security software and appliances, and it's been an uphill battle to manage these reports.
A few vendors have reported this URL to us as being a potential source for this problem. Is it possible to have our domain name removed from that file so that we can finally get de-listed from block lists for good?
Thanks you for your help.