Just noticed that Antivirus essential on Synology NAS quarantined a Ottercookie JS malware script on 09/10,17 and 24. A bit late, but may be of use to some.
Details:
Js.Malware.Ottercookie-10057860-0 was found in /volume1/docker/pihole/pihole/listsCache/list.10.raw.githubusercontent.com.domains. 2025-09-24 12:04:40
Pihole on DS220+ in docker container
[duplicate post]
That's very likely to be a false positive.
The domain lists don't contain javascript, they are simply a list of domains.
The most likely explanation is that a domain involved in malware is present in the blocklist in question.
If you able to browse the quarantined file, you should be able to confirm this.
Thanks. Panicked - Google said Ottercookie is a nasty sophisticated dormant North Korean infostealer..
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.