Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Malwarebytes reports Trojan every 4 hours #574

Open
Compunologist opened this issue Sep 8, 2024 · 2 comments
Open

Malwarebytes reports Trojan every 4 hours #574

Compunologist opened this issue Sep 8, 2024 · 2 comments

Comments

@Compunologist
Copy link

Malwarebytes reports a Trojan with dnscrypt-proxy trying to reach two IP numbers. This seems to occur every 4 hours.

Trojan_Screenshot 2024-09-08 100108
Website blocked due to Trojan

Detection History_Screenshot 2024-09-07 232154
Detection occurs every 4 hours

Malwarebytes Website Blocked Report 2024-09-07 231828.txt
ba26ca1a-6d5e-11ef-ab1f-dc4546c03275.json

Simple DNSCrypt v0.7.1 (x64) [dnscrypt-proxy 2.0.42]
Malwarebytes v5.1.9.124
OS: Windows 11 Pro (Build 22631.4037) v23H2
@jedisct1
Copy link

jedisct1 commented Sep 8, 2024

Why didn't you report this to Malwarebytes instead?

@Compunologist
Copy link
Author

I created a support ticket at Malwarebytes and they responded that after having reviewed the IP's it was confirmed there were no active threats remaining and the block has been removed. These IP's are part of the public DNSCrypt resolvers list and apparently at some point the IP's may have contained malware prior to being used by DNSCrypt.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jedisct1 @Compunologist