Malicious URL while on Prime.

[Blackhorse06]

Anyone else getting a "Malicious URL Web Reputation Policy Violation" notification while on Prime? My work computer is running Trend Mirco and I am using IE 11 Ver 11.0.23

 

[FF Drifter]

I am getting the same and just shared what I've found on FB. It has been going for a couple of days now and is on every tab/window I open, so it is probably something to do with advertisers. I found some info from other forums: http://artemis.forumchitchat.com/.../api-viglink... (apparently it is for affiliate advertising but is susceptible as a malware vector).

Also on VirusTotal: https://www.virustotal.com/.../d2de321bcf025179.../analysis/

2/65 A/V engines detect it as malicious. My guess is that it is not explicitly malicious "at this time" but it easily has the potential to be. I am choosing to continue blocking it.

I am also on Trend Micro but VT indicates BitDefender and Blueliv pick up on it too.

 

[NSX Prime]

This pops up from time to time with various "protect your computer" software. There have been similar threads in this section over the years about people getting various false positives when on this site for one reason or another. Something will be served from a domain that had also served malicious content, or their heuristic algorithm doesn't like some bit of script running from an external site, etc.

While anything is possible, I'm not aware of viglink ever being successfully used as a malware vector. It's pretty far down my list of concerns. Java in general scares me a lot more, but what can you do, half the web runs on it.

@FF Drifter - The links you posted are shortened with .... in the middle so they don't work.

 

[FF Drifter]

Sorry that middle link should have been: https://www.virustotal.com/en-gb/ur...6be07a970305941f51496f3e009167aa81c/analysis/

viglink just alerted me because I had not previously had issues on NSX Prime, hence I bring it up. I agree Java is much worse, but hey, there's NoScript, right?