Thankfully, the incident with my GitHub Pages was resolved yesterday.
Here is what I think worked to resolve it:
๐ I've unlinked, unpublished and removed all demo pages with downloads and installs, no matter how harmless they were
๐ Navigated to the Google Safe Browser Transparency Report and submitted a request for review
๐ Created a profile for my page at the Google Search Console, verified ownership then submitted a request for review under Security & Manual Actions/Security issues
Prior to that I've checked the site to see if there was any malware that I've missed using the services below (some of them still showing false positives):
๐ Sitelock Website Scanner: https://lnkd.in/gzjJsb2a
๐ Sucuri Site Check: https://lnkd.in/gP49R6_w
๐ TrendMicro Site Safety Center: https://lnkd.in/gANEGkqG
๐ CleanTalk Scanner: https://lnkd.in/gdeb2uqW
๐ MetaDefender Malware Analysis: https://metadefender.com/
๐ VirusTotal: https://lnkd.in/gubRjfJF
๐ PCRisk Malware Scanner: https://lnkd.in/gf4mpERp
I've read about threat actors using free static hosting like github.io to distribute malware and other harmful payloads.
In other words, they have been abusing GitHub Pages to host fake/phishing pages.
In one instance they've targeted Pardot users. They were mislead to click a Pardot link, which lead to a fake PDF page made to look like you needed to download an Adobe file, which was in fact a trojan to acquire remote access.
๐ Cyjax - PhishingGit abuse article: https://lnkd.in/gwKwqdXB
