Needs quick attention

I see nothing about that, Virustotal and Malcure webscan (web site scanners I sometimes use) say there's nothing suspicious on blog.arduino.cc
I think (hope) that such Avast message is a false positive, I abandoned Avast years ago for this and other reasons...
PS: btw, how can Arduino blog be a phishing site??...

I would agree it does not sound like Arduino would do such a thing.
And to be honest it is the first time I have seen that.
However I have taken due diligence and reported it here.
False positive is probably the cause as you say.

Avast has seen me a number of years and has been consistently lightweight compared to Norton Mcafee bloatware.
We all have out own favourite security set ups.

Does Avast have a scan log, showing what it has found here enough to say it's a "URL:Phishing" infection?

PS: Maybe it just doesn't like the uncommon TLD "cc"... :wink:

Hi @Ballscrewbob. Thanks for your report.

Which URL were you attempting to open when you got this? I see arduino.cc in the screenshot, but I wasn't sure whether that was the page you were on before you attempted to open the page that triggered the detection, or whether the detection occurred while opening https://www.arduino.cc/

Was opening the main Ardiono page.

Still throwing the error.

Thanks for the clarification.

Arduino's security team has escalated this to Avast in order to verify that the detection is a false positive.

Once that process is completed, the Avast database will be updated so that this detection will no longer occur.

Thanks so much for bringing this to our attention @Ballscrewbob!

Just to add to what @Ballscrewbob reported, I can confirm it's the same for me too when accessing www.arduino.cc on a Windows 10 PC using chrome.

I expanded the details and got this additional information:

1 Like

Which Browser are you using, when attempting to open the site?

I only say this because I know the browsers can be the problem. I always do a check with a second browser if I hit any type of connection problem.

In my particular case, I happen to have another W10 PC, this time using Firefox v113.0.2 (64-bit) and accessing www.arduino.cc I get:

Firefox indicates a different URL. My W10 Chrome PC goes with the previous URL.

Both PCs run the free version of Avast with the same version:

Program version:           23.4.6062 (build 23.4.8118.783)
Virus definitions version: 230531-0
Number of definitions:     22,306,208
UI version:                1.0.762

That rules out the browser, which just leaves the cookies.

Does Avast install any of these on the browser on instal?

I am running the same Firefox version with Avira,with no problems.

On my PC with Firefox, I've just deleted all cookies and site data and gone back to www.arduino.cc.

Avast still triggers a threat warning, but with a slightly different URL:
Image2
If I then refresh the web page the suspicious URL reverts back to that of post #11.

There's probably enough info now for Arduino / Avast to figure out what the suspicious file(s) is/are.

2 Likes

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.