Page 4 of 5

Re: redirects to malware sites

Posted: Sun Dec 30, 2018 2:32 pm
by svaraej
One probable reason for people following might be all your drama. One probable reason for people not commenting might be your drama.

Re: redirects to malware sites

Posted: Sun Dec 30, 2018 2:44 pm
by mike2017mike
You posted your evidence of being redirected to malware and scams and are still denying it is happening ? ? ? ?

It is now very obvious that Opensubtitles.org do not care to what they subject their users, including children, as long as they get payment for redirecting to scams , malware and porn



My message to the thousands and thousands of people following this thread.........

I opened this thread originally to show opensubtitles.com that their advertising 'partner' is redirecting their users to unwanted sites, not adverts

I also tried to warn them that, following the Australian courts ordering ISPs to block opensubtitles.org, the links to illegally watch copyright material have been noted by several other authorities

I really don't care about opensubtitles.org any more

This is my last post

Don't bother to reply as this post is the last time either opensubtitles.xxx or cobalten.xxx (globally acknowledged as provider of malware/virus ; just Google them) will be allowed through any of my routers

Goodbye

Re: redirects to malware sites

Posted: Wed Jan 02, 2019 10:39 pm
by SmallBrother
Thank God.

Re: redirects to malware sites

Posted: Thu Jan 03, 2019 6:27 am
by oss
he will have empty google results for searching subtitles then :)

Re: redirects to malware sites

Posted: Thu Jan 24, 2019 7:12 pm
by robtheone
I have been noticing that when I sign on to Subtittles.org in the last couple of months, I keep getting Norton warnings about "Intrusion Attacks" and "Web Attack: Fake Tech Support Domains 2". It seems that based on the previous discussions in the post, that this is a known issue, but it seems really bad that it continues to happen with every web login. Is this by design? I have only ever seen this happen on shady websites, or porn sites, but not legitimate organizations. Anyways, wanted to report the issue. Whether or not your organization makes changes is completely up to you, but seems like a bad road to go down if you are aware of the problem.

Running Windows 10 Pro - Version 1809, Build 17763.195
Chrome Version 71.0.3578.98 (Official Build) (64-bit)
The only extensions I have enabled in Chrome are Lastpass and Vanilla Cookie Manager, neither of which should be causing these issues.

Copies of the last 2 Norton Entries complaining about the malware attacks.

Image
Image

Thank you.

Re: redirects to malware sites

Posted: Fri Jan 25, 2019 1:23 pm
by AlexP88
Hello,

This is Alex from Propeller. My apologies for late response.
Could you please provide me with the links of the ads that seem to be intrusive of any kind to you.

Looking forward to your reply.

Re: redirects to malware sites

Posted: Sat Jan 26, 2019 2:42 am
by robtheone
Hi Alex,

I am not sure which specific ads are causing the issue. It happens every single time that I go to opensubtitles.org in a web browser, currently using Chrome. I have not and am not experiencing this issue with any other website. When I look at Norton history, it shows the following:

IPS Alert Name: Web Attack: Fake Tech Support Domains 2
Attacking Computer: cobalten.com (188.72.213.175, 443)
Source address: 188.72.213.175

Network traffic from cobalten.com matches the signature of a known attack. The attack resulted from ....Chrome.exe.

Here is a screen cap of the Norton intrusion attack warning I just received while opening the website.

Image

I personally have no objection to seeing ads with naked women on my browser, but an alert from Norton about an "instrusion attack" seems more troubling.

Does this provide you the details you need?

FYI - I also downloaded the opensubtitles uploader program last night to be able to easier upload subtitles, opensubtitles-uploader-2.4.0-win32-setup.exe, and Norton gave me an "untrusted" warning about the program. So I went to hybrid-analysis.com, uploaded the program for analysis, and it concluded that the program was "malicious", with a threat score of 80/100.

Image

So I deleted the program without installing it. You guys should be aware of this as well.

This report has 15 indicators that were mapped to 15 attack techniques and 7 tactics.
Contains ability to query CPU information
Reads the active computer name
Found an IP/URL artifact that was identified as malicious by at least one reputation engine: http://nsis.sf.net
Ransomware/Banking: The input sample dropped 2000 files (often an indicator for ransomware)
System Security: Contains ability to elevate privileges
System Security: Opens the Kernel Security Device Driver (KsecDD) of Windows
Contains ability to reboot/shutdown the operating system
Reads the registry for installed applications

The list goes on...Most of which I do not understand, but I am not sure why a simple subtitle file uploader program needs to ability to elevate privileges, reboot my computer, accesses the Kernel Security Driver of Windows, or read a list of all the programs I have installed on my PC.

I really enjoy opensubtitles, and I will continue to use your service, but I will manually upload subtitles (I would upload more if it were easier). I want you guys to be successful, but hope that you draw a line between earning ad revenues and outright adding malware/ransomware to programs.

Am I to assume that becoming a VIP member would stop the web attacks with each visit? Also, is there a clean, non-malware (basic) version of the uploader I can install for Windows 10? If so, I will support you with VIP and upload more subtitles.

thank you!

Re: redirects to malware sites

Posted: Sat Jan 26, 2019 2:21 pm
by SmallBrother
I will leave the advertising issue to others.

As for the Uploader program, although related, it is a bit off-topic. Besides, there is a dedicated topic for this program, so I have copied the relevant part to that topic. Here it is: https://forum.opensubtitles.org/viewtop ... 129#p41129
Please discuss the part about the Uploader further in that topic.

Re: redirects to malware sites

Posted: Fri Feb 01, 2019 6:29 am
by oss
after hard decision we decided to remove ALL popunders from www.opensubtitles.org

We dont want our users get any malware and fake ads about viruses.

We are moving our ad preference to our extension installations and more clear ads in future.

Re: redirects to malware sites

Posted: Fri Feb 01, 2019 8:01 pm
by scooby007
I have been noticing that when I sign on to Subtittles.org in the last couple of months, I keep getting Norton warnings about "Intrusion Attacks" and "Web Attack: Fake Tech Support Domains 2". It seems that based on the previous discussions in the post, that this is a known issue, but it seems really bad that it continues to happen with every web login. Is this by design? I have only ever seen this happen on shady websites, or porn sites, but not legitimate organizations. Anyways, wanted to report the issue. Whether or not your organization makes changes is completely up to you, but seems like a bad road to go down if you are aware of the problem.

Running Windows 10 Pro - Version 1809, Build 17763.195
Chrome Version 71.0.3578.98 (Official Build) (64-bit)
The only extensions I have enabled in Chrome are Lastpass and Vanilla Cookie Manager, neither of which should be causing these issues.

Copies of the last 2 Norton Entries complaining about the malware attacks.

Image
Image

Thank you.
Hi robtheone,

Sorry about that, pal. Don't know about the past couple of months, but it has been happening to me past few days, as I use Norton the same as you. I sent a similar picture to main owner, and it seems they're going to remove that. I get "An intrusion attempt by bodelen.com was blocked" on my Norton Sonar scan. Strange this has decided to happen the last few days, wonder if it's connected to the "Download" button also not working?

Thanks, oss, for acting quickly. Please advise once fully resolved.
This would be a major concern for most. Myself included.

Kind regards

Re: redirects to malware sites

Posted: Sat Feb 02, 2019 10:39 am
by oss
Hi

this should be fully resolved, do you still have this warning ?

Re: redirects to malware sites

Posted: Sat Feb 02, 2019 11:30 am
by scooby007
Hello,

No warning pop-up from Norton for me this morning. So all is good and as should be for me.

Thanks, boss.

Re: redirects to malware sites

Posted: Mon Dec 14, 2020 10:55 pm
by boocs
Hello,

Sorry to open this forum again.

When i trie to enter the site by my android device, using chrome, i´m redirected to this site:

https://watchmovies4k.vip/watch/tt10537 ... org&cv1=rd_

If i enter by PC browser all is ok.

Re: redirects to malware sites

Posted: Mon Dec 14, 2020 11:46 pm
by scooby007
Hi,

Check this topic, as it was happening to another user today: viewtopic.php?f=1&t=17365#p44819
Might be a VPN issue. Try changing servers and your IP address. Might help.

Re: redirects to malware sites

Posted: Mon Dec 14, 2020 11:54 pm
by Funchalense
Hello,

Sorry to open this forum again.

When i trie to enter the site by my android device, using chrome, i´m redirected to this site:

https://watchmovies4k.vip/watch/tt10537 ... org&cv1=rd_

If i enter by PC browser all is ok.
Same here, use chrome(without VPN) and try enter in .org. =redirect.
You can always enter in the new site : https://www.opensubtitles.com
I tried and there are no redirects.