Blocked threat information

d0x

Active Member
A seperate "log" needs to be added for blocked threats. I recently noticed that in the last week or so it blocked 2 threats which is good..BUT

I have no idea what the threat was, where it came from, when it happened etc. Was it an app trying to do something? Was it from my browser?

The reason we need to be able to access this information is simple. So we can avoid it in the future. I could very well visit the same site or even still have the app installed but i cant tell. What if it is an app trying to contact a c&c server to download something or use my device as a ddos bot and next time adguard doesnt have the server its using in its block list? More and more android malware is being delivered this way, apps downloading files outside the store. Usually they wait until the app has a ton of downloads then update the app with a simple change that allows it to download a malicious payload.

It cant be that difficult to log the info to its own seperate log file. If it triggers a counter then there is already code in place... it just needs to be slightly expanded so instead of just adding 1 to the number on the main screen it also gets a log entry that is seperate from the normal log and it has to be seperate because nobody watches the log all day and you cant tell a blocked ad from a threat.

Please add this... it would enhance the users ability to protect themselves and the actual coding work required to implement it should be minimal.
 
Last edited:

Gray.Fox

New Member
Maybe a separate page with details on what was blocked, where it came from, VirusTotal or similar scan if exists in their database.

I like the idea and it'll informs us.
 

BobbyPhoenix

New Member
I'm bumping this because I had AdGuard have a notification that there was an update, and when I opened it, the stats at the bottom said 2 blocked threats. This showed on both my machines. What 2 threats? How bad are they? Where did they come from? I couldn't find any stats/history to see these. It's great that they were blocked, but without knowing what they were can we be sure they were real, or maybe false positive? No one knows.....

EDIT - I Found another thread with a basic explanation here: https://forum.adguard.com/index.php?threads/threats-blocked.40628/

In case someone else stumbles on this thread.

I sent an email and the reply was this from their email back to me. And I am satisfied with their explanation:

"Under the "threats" definition we mean promo pop-ups, possibly malicious connections to untrustworthy sources and some types of ads.
We still work under development of more detailed report of what is being blocked, but for now the statistics you see is the only option."
 
Last edited:
  • Like
Reactions: d0x

d0x

Active Member
I'm bumping this because I had AdGuard have a notification that there was an update, and when I opened it, the stats at the bottom said 2 blocked threats. This showed on both my machines. What 2 threats? How bad are they? Where did they come from? I couldn't find any stats/history to see these. It's great that they were blocked, but without knowing what they were can we be sure they were real, or maybe false positive? No one knows.....
My point exactly. How do you avoid some threat if you have no record of what it was

I never understood why they could say a threat was blocked by not also record what it was. The best you can do is get a date but that's really not helpful.
 

BlinderTu22

New Member
Could be great, it'd be useful as to know what to avoid in the future. Plus, it'd be easier to distinguish actual threats from false alerts.
 
Top