malwarebytes detecting trojan on bitmain.com

[rpg101]

not sure if this is the correct place to post this, but I'm getting alerts from malwarebytes on the bitmain.com main page that it is trying to connect to o7tnsxhoh.qnssl.com. This happens both on chrome and IE

[LTU_btc]

I have checked Bitmain website recently on several browsers both on my PC and smartphone and I didn't this warning (I use Avast antivirus). Maybe they already solved this issue. Are you sure that your device is clean?

[mk4]

It's either a false positive, or your computer itself is infected. I'm personally not a fan of Bitmain but I think Bitmain's website should be safe. I suggest picking a better software; I personally use Microsoft's built in antivirus along with MalwareBytes[1] when I'm on my Windows device.

[1] https://www.malwarebytes.com/

[bL4nkcode]

It's either a false positive, or your computer itself is infected.

This might the reason, I use Norton and browse the site of bitmain but didn't detect any malicious malware there.

[EDIT]
I search the o7tnsxhoh.qnssl.com subdomain and the google resulted that this sud-domain and bitmain is kinda related (if I'm not mistaken).

Here's the image of some in of their layout related js. And your anti-virus might detected it as a malware coz the o7tnsxhoh.qnssl.com subdomain doesn't exist or down already.

[buwaytress]

I'm not finding anything on bitmain.com, also running on updated database. QN SSL seems to be running on quite a number of Chinese-based websites as well, and the main domain does turn up on a lot of Chinese forums, none discussing it as a threat (from Google translate anyway). The main site itself doesn't seem to load except for a page title in Chinese.

Most likely a past association with SSL, you should do as recommended and perform a thorough scan and cleaning, but I'm sure it's harmless.

[rpg101]

got the alert on 2 different PC's, both by malwarebytes. Went to the qnssl.com main page and also got the same trojan alert. Googling the site it shows it has been associated with trojans so it might have made malwarebytes black list

[1Referee]

got the alert on 2 different PC's, both by malwarebytes. Went to the qnssl.com main page and also got the same trojan alert. Googling the site it shows it has been associated with trojans so it might have made malwarebytes black list

I just ran their domain through virustotal (it got scanned by 64 AV databases, also malwarebytes) and there is no virus alert at all;
https://www.virustotal.com/#/url/a166b83d6a7f366ade04707c291386374da9fd2e461dd253071f8697bfb44523/detection

Not sure what you plan to buy from Bitmain or what you are trying to look up, but the best option is to ditch it entirely if you don't trust it.

I remember that some well trusted Bitcoin clients were also dealing with false alerts, but it may also be just an attempt to scare off people. There is always an incentive from governments and these hello-I-grant-you-access-to-my-pc AV clients to do so.

[mk4]

got the alert on 2 different PC's, both by malwarebytes. Went to the qnssl.com main page and also got the same trojan alert. Googling the site it shows it has been associated with trojans so it might have made malwarebytes black list

I know this might be quite of a stretch, but both your PCs MIGHT be infected or something. I've checked with 2 more devices as well running MalwareBytes, no alerts or anything. All devices with latest versions of MalwareBytes.

Make sure your MalwareBytes is up to date. Just to be sure.

[Lucius]

rpg101, be sure that you use legitimate site and not some fake phishing site. Then you can use their support and ask about your problem.

I also visit Bitman site and I notice that page can not be fully loaded because of o7tnsxhoh.qnssl. com on Firefox (performing TLS handshake), but there is not such problem in Opera browser. I also use Malwarebytes Premium and there is no detection of any malware/trojan on this site.

[BitMaxz]

Make sure it is a right domain or website because there is some fake website that uses punnycode to make a same domain and to trick the url.

Based on Virus Total it shows 0/67 everything is fine and clean.

It looks like your software malwarebytes is not updated or you are just using a crack version of malwarebytes. Try to update your malwarebytes to the latest version and latest database and scan the whole website again.

I scanned the website again to other malware online scanner but everything is clean.

- https://sitecheck.sucuri.net/results/bitmain.com
- https://scanner.pcrisk.com/detailed_report/bitmain.com#details