Bitcoin Forum
November 07, 2024, 04:30:30 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: malwarebytes detecting trojan on bitmain.com  (Read 295 times)
rpg101 (OP)
Newbie
*
Offline Offline

Activity: 10
Merit: 0


View Profile
December 15, 2018, 02:53:49 PM
 #1

not sure if this is the correct place to post this, but I'm getting alerts from malwarebytes on the bitmain.com main page that it is trying to connect to o7tnsxhoh.qnssl.com. This happens both on chrome and IE
LTU_btc
Legendary
*
Offline Offline

Activity: 3234
Merit: 1375


Slava Ukraini!


View Profile WWW
December 16, 2018, 12:13:39 AM
 #2

I have checked Bitmain website recently on several browsers both on my PC and smartphone and I didn't this warning (I use Avast antivirus). Maybe they already solved this issue. Are you sure that your device is clean?

mk4
Legendary
*
Offline Offline

Activity: 2926
Merit: 3881


📟 t3rminal.xyz


View Profile WWW
December 16, 2018, 01:33:02 AM
 #3

It's either a false positive, or your computer itself is infected. I'm personally not a fan of Bitmain but I think Bitmain's website should be safe. I suggest picking a better software; I personally use Microsoft's built in antivirus along with MalwareBytes[1] when I'm on my Windows device.


[1] https://www.malwarebytes.com/

» t3rminal.xyz «
Telegram Alert Bots for Traders
bL4nkcode
Copper Member
Legendary
*
Offline Offline

Activity: 2142
Merit: 1307


Limited in number. Limitless in potential.


View Profile
December 16, 2018, 05:54:53 AM
 #4

It's either a false positive, or your computer itself is infected.
This might the reason, I use Norton and browse the site of bitmain but didn't detect any malicious malware there.

[EDIT]
I search the o7tnsxhoh.qnssl.com subdomain and the google resulted that this sud-domain and bitmain is kinda related (if I'm not mistaken).

Here's the image of some in of their layout related js. And your anti-virus might detected it as a malware coz the o7tnsxhoh.qnssl.com subdomain doesn't exist or down already.

buwaytress
Legendary
*
Offline Offline

Activity: 2982
Merit: 3691


Join the world-leading crypto sportsbook NOW!


View Profile
December 16, 2018, 11:35:30 AM
 #5

I'm not finding anything on bitmain.com, also running on updated database. QN SSL seems to be running on quite a number of Chinese-based websites as well, and the main domain does turn up on a lot of Chinese forums, none discussing it as a threat (from Google translate anyway). The main site itself doesn't seem to load except for a page title in Chinese.

Most likely a past association with SSL, you should do as recommended and perform a thorough scan and cleaning, but I'm sure it's harmless.

██
██
██
██
██
██
██
██
██
██
██
██
██
... LIVECASINO.io    Play Live Games with up to 20% cashback!...██
██
██
██
██
██
██
██
██
██
██
██
██
rpg101 (OP)
Newbie
*
Offline Offline

Activity: 10
Merit: 0


View Profile
December 16, 2018, 03:42:50 PM
 #6

got the alert on 2 different PC's, both by malwarebytes. Went to the qnssl.com main page and also got the same trojan alert. Googling the site it shows it has been associated with trojans so it might have made malwarebytes black list
1Referee
Legendary
*
Offline Offline

Activity: 2170
Merit: 1427


View Profile
December 16, 2018, 07:07:33 PM
 #7

got the alert on 2 different PC's, both by malwarebytes. Went to the qnssl.com main page and also got the same trojan alert. Googling the site it shows it has been associated with trojans so it might have made malwarebytes black list

I just ran their domain through virustotal (it got scanned by 64 AV databases, also malwarebytes) and there is no virus alert at all;
https://www.virustotal.com/#/url/a166b83d6a7f366ade04707c291386374da9fd2e461dd253071f8697bfb44523/detection

Not sure what you plan to buy from Bitmain or what you are trying to look up, but the best option is to ditch it entirely if you don't trust it.

I remember that some well trusted Bitcoin clients were also dealing with false alerts, but it may also be just an attempt to scare off people. There is always an incentive from governments and these hello-I-grant-you-access-to-my-pc AV clients to do so.
mk4
Legendary
*
Offline Offline

Activity: 2926
Merit: 3881


📟 t3rminal.xyz


View Profile WWW
December 17, 2018, 12:27:56 AM
 #8

got the alert on 2 different PC's, both by malwarebytes. Went to the qnssl.com main page and also got the same trojan alert. Googling the site it shows it has been associated with trojans so it might have made malwarebytes black list

I know this might be quite of a stretch, but both your PCs MIGHT be infected or something. I've checked with 2 more devices as well running MalwareBytes, no alerts or anything. All devices with latest versions of MalwareBytes.

Make sure your MalwareBytes is up to date. Just to be sure.

» t3rminal.xyz «
Telegram Alert Bots for Traders
Lucius
Legendary
*
Offline Offline

Activity: 3416
Merit: 6145


Crypto Swap Exchange🈺


View Profile WWW
December 18, 2018, 02:37:39 PM
 #9

rpg101, be sure that you use legitimate site and not some fake phishing site. Then you can use their support and ask about your problem.

I also visit Bitman site and I notice that page can not be fully loaded because of o7tnsxhoh.qnssl. com on Firefox (performing TLS handshake), but there is not such problem in Opera browser. I also use Malwarebytes Premium and there is no detection of any malware/trojan on this site.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
BitMaxz
Legendary
*
Offline Offline

Activity: 3430
Merit: 3165


Playbet.io - Crypto Casino and Sportsbook


View Profile WWW
December 18, 2018, 11:57:22 PM
 #10

Make sure it is a right domain or website because there is some fake website that uses punnycode to make a same domain and to trick the url.

Based on Virus Total it shows 0/67 everything is fine and clean.

It looks like your software malwarebytes is not updated or you are just using a crack version of malwarebytes. Try to update your malwarebytes to the latest version and latest database and scan the whole website again.

I scanned the website again to other malware online scanner but everything is clean.

- https://sitecheck.sucuri.net/results/bitmain.com
- https://scanner.pcrisk.com/detailed_report/bitmain.com#details

███████████████
█████████████████████
██████▄▄███████████████
██████▐████▄▄████████████
██████▐██▀▀▀██▄▄█████████
████████▌█████▀██▄▄██████
██████████████████▌█████
█████████████▀▄██▀▀██████
██████▐██▄▄█▌███████████
██████▐████▀█████████████
██████▀▀███████████████
█████████████████████
███████████████

.... ..Playbet.io..Casino & Sportsbook.....Grab up to  BTC + 800 Free Spins........
████████████████████████████████████████
██████████████████████████████████████████████
██████▄▄████████████████████████████████████████
██████▐████▄▄█████████████████████████████████████
██████▐██▀▀▀██▄▄██████████████████████████████████
████████▌█████▀██▄▄█████▄███▄███▄███▄█████████████
██████████████████▌████▀░░██▌██▄▄▄██████████████
█████████████▀▄██▀▀█████▄░░██▌██▄░░▄▄████▄███████
██████▐██▄▄█▌██████████▀███▀███▀███▀███▀█████████
██████▐████▀██████████████████████████████████████
██████▀▀████████████████████████████████████████
██████████████████████████████████████████████
████████████████████████████████████████
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!