Kaspersky antivirus blocks disroot.org

Today (August 8), Kaspersky antivirus is blocking disroot.org as a malicious web site. Not sure about the cause, disroot team, please reach out to them.
Thanks

Hi,

Thanks for heads up. We will check what is the reason for this.

Also encounter this with Kapersky Endpoint Protection.
Apparently Kapersky (and also Avast) and Secutec SecureDNS flag the main disroot.org domain/IP as dangerous/malicious as it prolly got on Malware blacklist because of botnet (Botnet C&C Trojan-PSW.Win32.Cryptnot), see
VirusTotal
Kaspersky Threat Intelligence Portal

https://www.disroot.org
Dangerous

Report for domain

IPv4 count 8
Files count β‰ˆ 10
Web addresses count β‰ˆ 100
Hits count β‰ˆ 1,000
Created Jun 06, 201521:00
β€” β€”
Expires Jun 06, 202321:00
Domain disroot.org
Registration organization Greenhost
Registrar name Key-Systems GmbH

Categories

Culture, society
Business
Malware
Botnet C&C Trojan-PSW.Win32.Cryptnot

BTW via the kapersky link above you can also file/click button for reanalysis of the site.

I already sent an object to revalidate as user

Got already reply:
"Hello,

URL was removed from blocklist. It will be fixed in the next update. Thank you for your help.
Best regards,
Alexander Plakhov, Malware Analyst, Kaspersky
39A/3 Leningradskoe Shosse, Moscow, 125212, Russia Tel./Fax: + 7 (495) 797 8700 http://www.kaspersky.com https://securelist.com
https://opentip.kaspersky.com/ - get insights about suspicious files, hashes, URLs, IP addresses or domain names"

Let’s hope this also ripples through the other services.

Edit:
Kaspersky should be ok now, verified on their site and virus-total.
Avast still flags it, so also created an appeal for that Submit suspicious URL

1 Like