Infected web page detected : GT:JS.Backdoor.2.D0DE3B58

Hi. I'm consistently getting a notification from BIS about the samples at

[*url removed by @Flexx*]

under the heading "Learning centre" (click "Explore!").

Infected web page detected

3 minutes ago


Online Threat Prevention

We blocked this dangerous page for your protection:

[*url removed by @Flexx*]

Threat name: GT:JS.Backdoor.2.D0DE3B58

Dangerous pages attempt to install software that can harm the device, gather personal information or operate without your consent.

Is this a real threat? I can understand the idea that maybe it's trying to do something to the browser that I might not prefer, but the "backdoor" naming of the threat makes it look more like a deliberate exploitation attempt to me. But if this is a legitimate site, then it can only be either a false positive or else they got hacked?