I was scanning a file on VirusTotal.com and it was identified malicious by only one antivirus (1/68 antiviruses) called CMC so I was interested to know about this antivirus, see if it's the deal or not.
I Googled "CMC antivirus" and I clicked on the first link on the search results:
But suddenly a red page opened up with a different address giving me a Security Error! And a voice playing talking about my security being in danger! And it started sending me files to download I had "Save as" windows on my computer opening each second, PC started to hang, I barely opened the task manager and hardly ended Google Chrome browser.
Here's when my investigation began, I tried scanning both addresses with VirusTotal and Hybrid-Analysis and both reported both addresses clean.
I opened https://www.cmc.com.vn/ with FireFox and it opened fine without sending me to that malicious website.
I booted up a Windows and Linux machine on VMWare and tried opening the website and Firefox did well without sending me to that malicious website.
But Google Chrome on Windows sent me to that malicious address. I didn't get the change to test Google Chrome on Linux, it was too late, I tested the URL on my own machine using Google Chrome and it didn't redirect me to the malicious address.
And about the files that it was trying to download for me, they were just text files containing a number like "55" but the file names were different UUIDs.
All in all I just think the cmc antivirus website was hijacked for a couple of minutes, I thought I could share this with everyone, it was a very unpleasant experience to me.
My question is how to prevent such a thing from happening in the future? of course Google doesn't have the chance to monitor all websites momentarily so the website was not identified as malicious and it opened up and it started giving me a heart attack, do you think having an antivirus on my Windows 10 could have helped? Windows defender seemed to not give a damn.
