Forum rules
Under no circumstances is spamming or advertising of any kind allowed. Do not post any abusive, obscene, vulgar, slanderous, hateful, threatening, sexually-orientated or any other material that may violate others security. Profanity or any kind of insolent behavior to other members (regardless of rank) will not be tolerated. Remember, what you don’t find offensive can be offensive to other members. Please treat each other with the kind of reverence you’d expect from other members.
Failure to comply with any of the above will result in users being banned without notice. If any further details are needed, contact: “The team” using the link at the bottom of the forum page. Thank you.
svaraej
Posts: 10
Joined: Sun Oct 01, 2017 5:03 pm

Re: redirects to malware sites

Sun Dec 30, 2018 2:32 pm

One probable reason for people following might be all your drama. One probable reason for people not commenting might be your drama.
Image

mike2017mike
Posts: 24
Joined: Sun Oct 14, 2018 5:46 pm

Re: redirects to malware sites

Sun Dec 30, 2018 2:44 pm

You posted your evidence of being redirected to malware and scams and are still denying it is happening ? ? ? ?

It is now very obvious that Opensubtitles.org do not care to what they subject their users, including children, as long as they get payment for redirecting to scams , malware and porn



My message to the thousands and thousands of people following this thread.........

I opened this thread originally to show opensubtitles.com that their advertising 'partner' is redirecting their users to unwanted sites, not adverts

I also tried to warn them that, following the Australian courts ordering ISPs to block opensubtitles.org, the links to illegally watch copyright material have been noted by several other authorities

I really don't care about opensubtitles.org any more

This is my last post

Don't bother to reply as this post is the last time either opensubtitles.xxx or cobalten.xxx (globally acknowledged as provider of malware/virus ; just Google them) will be allowed through any of my routers

Goodbye

User avatar
SmallBrother
Site Admin
Posts: 2809
Joined: Sun Mar 04, 2012 12:59 pm
Location: Somewhere on this globe

Re: redirects to malware sites

Wed Jan 02, 2019 10:39 pm

Thank God.

User avatar
oss
Site Admin
Posts: 4702
Joined: Sat Feb 25, 2006 11:26 pm
Contact: Website

Re: redirects to malware sites

Thu Jan 03, 2019 6:27 am

he will have empty google results for searching subtitles then :)

robtheone
Posts: 2
Joined: Thu Jan 24, 2019 6:38 pm

Re: redirects to malware sites

Thu Jan 24, 2019 7:12 pm

I have been noticing that when I sign on to Subtittles.org in the last couple of months, I keep getting Norton warnings about "Intrusion Attacks" and "Web Attack: Fake Tech Support Domains 2". It seems that based on the previous discussions in the post, that this is a known issue, but it seems really bad that it continues to happen with every web login. Is this by design? I have only ever seen this happen on shady websites, or porn sites, but not legitimate organizations. Anyways, wanted to report the issue. Whether or not your organization makes changes is completely up to you, but seems like a bad road to go down if you are aware of the problem.

Running Windows 10 Pro - Version 1809, Build 17763.195
Chrome Version 71.0.3578.98 (Official Build) (64-bit)
The only extensions I have enabled in Chrome are Lastpass and Vanilla Cookie Manager, neither of which should be causing these issues.

Copies of the last 2 Norton Entries complaining about the malware attacks.

Image
Image

Thank you.

AlexP88
Posts: 9
Joined: Wed Oct 17, 2018 10:46 am

Re: redirects to malware sites

Fri Jan 25, 2019 1:23 pm

Hello,

This is Alex from Propeller. My apologies for late response.
Could you please provide me with the links of the ads that seem to be intrusive of any kind to you.

Looking forward to your reply.

robtheone
Posts: 2
Joined: Thu Jan 24, 2019 6:38 pm

Re: redirects to malware sites

Sat Jan 26, 2019 2:42 am

Hi Alex,

I am not sure which specific ads are causing the issue. It happens every single time that I go to opensubtitles.org in a web browser, currently using Chrome. I have not and am not experiencing this issue with any other website. When I look at Norton history, it shows the following:

IPS Alert Name: Web Attack: Fake Tech Support Domains 2
Attacking Computer: cobalten.com (188.72.213.175, 443)
Source address: 188.72.213.175

Network traffic from cobalten.com matches the signature of a known attack. The attack resulted from ....Chrome.exe.

Here is a screen cap of the Norton intrusion attack warning I just received while opening the website.

Image

I personally have no objection to seeing ads with naked women on my browser, but an alert from Norton about an "instrusion attack" seems more troubling.

Does this provide you the details you need?

FYI - I also downloaded the opensubtitles uploader program last night to be able to easier upload subtitles, opensubtitles-uploader-2.4.0-win32-setup.exe, and Norton gave me an "untrusted" warning about the program. So I went to hybrid-analysis.com, uploaded the program for analysis, and it concluded that the program was "malicious", with a threat score of 80/100.

Image

So I deleted the program without installing it. You guys should be aware of this as well.

This report has 15 indicators that were mapped to 15 attack techniques and 7 tactics.
Contains ability to query CPU information
Reads the active computer name
Found an IP/URL artifact that was identified as malicious by at least one reputation engine: http://nsis.sf.net
Ransomware/Banking: The input sample dropped 2000 files (often an indicator for ransomware)
System Security: Contains ability to elevate privileges
System Security: Opens the Kernel Security Device Driver (KsecDD) of Windows
Contains ability to reboot/shutdown the operating system
Reads the registry for installed applications

The list goes on...Most of which I do not understand, but I am not sure why a simple subtitle file uploader program needs to ability to elevate privileges, reboot my computer, accesses the Kernel Security Driver of Windows, or read a list of all the programs I have installed on my PC.

I really enjoy opensubtitles, and I will continue to use your service, but I will manually upload subtitles (I would upload more if it were easier). I want you guys to be successful, but hope that you draw a line between earning ad revenues and outright adding malware/ransomware to programs.

Am I to assume that becoming a VIP member would stop the web attacks with each visit? Also, is there a clean, non-malware (basic) version of the uploader I can install for Windows 10? If so, I will support you with VIP and upload more subtitles.

thank you!

User avatar
SmallBrother
Site Admin
Posts: 2809
Joined: Sun Mar 04, 2012 12:59 pm
Location: Somewhere on this globe

Re: redirects to malware sites

Sat Jan 26, 2019 2:21 pm

I will leave the advertising issue to others.

As for the Uploader program, although related, it is a bit off-topic. Besides, there is a dedicated topic for this program, so I have copied the relevant part to that topic. Here it is: viewtopic.php?f=11&t=15404&p=41129#p41129
Please discuss the part about the Uploader further in that topic.

User avatar
oss
Site Admin
Posts: 4702
Joined: Sat Feb 25, 2006 11:26 pm
Contact: Website

Re: redirects to malware sites

Fri Feb 01, 2019 6:29 am

after hard decision we decided to remove ALL popunders from www.opensubtitles.org

We dont want our users get any malware and fake ads about viruses.

We are moving our ad preference to our extension installations and more clear ads in future.

User avatar
scooby007
Site Admin
Posts: 401
Joined: Thu Mar 05, 2009 10:49 pm
Location: Scandalous

Re: redirects to malware sites

Fri Feb 01, 2019 8:01 pm

robtheone wrote:I have been noticing that when I sign on to Subtittles.org in the last couple of months, I keep getting Norton warnings about "Intrusion Attacks" and "Web Attack: Fake Tech Support Domains 2". It seems that based on the previous discussions in the post, that this is a known issue, but it seems really bad that it continues to happen with every web login. Is this by design? I have only ever seen this happen on shady websites, or porn sites, but not legitimate organizations. Anyways, wanted to report the issue. Whether or not your organization makes changes is completely up to you, but seems like a bad road to go down if you are aware of the problem.

Running Windows 10 Pro - Version 1809, Build 17763.195
Chrome Version 71.0.3578.98 (Official Build) (64-bit)
The only extensions I have enabled in Chrome are Lastpass and Vanilla Cookie Manager, neither of which should be causing these issues.

Copies of the last 2 Norton Entries complaining about the malware attacks.

Image
Image

Thank you.


Hi robtheone,

Sorry about that, pal. Don't know about the past couple of months, but it has been happening to me past few days, as I use Norton the same as you. I sent a similar picture to main owner, and it seems they're going to remove that. I get "An intrusion attempt by bodelen.com was blocked" on my Norton Sonar scan. Strange this has decided to happen the last few days, wonder if it's connected to the "Download" button also not working?

Thanks, oss, for acting quickly. Please advise once fully resolved.
This would be a major concern for most. Myself included.

Kind regards

User avatar
oss
Site Admin
Posts: 4702
Joined: Sat Feb 25, 2006 11:26 pm
Contact: Website

Re: redirects to malware sites

Sat Feb 02, 2019 10:39 am

Hi

this should be fully resolved, do you still have this warning ?

User avatar
scooby007
Site Admin
Posts: 401
Joined: Thu Mar 05, 2009 10:49 pm
Location: Scandalous

Re: redirects to malware sites

Sat Feb 02, 2019 11:30 am

Hello,

No warning pop-up from Norton for me this morning. So all is good and as should be for me.

Thanks, boss.

Return to “General talk”

Who is online

Users browsing this forum: No registered users and 8 guests