Today (August 8), Kaspersky antivirus is blocking disroot.org as a malicious web site. Not sure about the cause, disroot team, please reach out to them.
Thanks
Hi,
Thanks for heads up. We will check what is the reason for this.
Also encounter this with Kapersky Endpoint Protection.
Apparently Kapersky (and also Avast) and Secutec SecureDNS flag the main disroot.org domain/IP as dangerous/malicious as it prolly got on Malware blacklist because of botnet (Botnet C&C Trojan-PSW.Win32.Cryptnot), see
VirusTotal
Kaspersky Threat Intelligence Portal
https://www.disroot.org
Dangerous
Report for domain
| IPv4 count | 8 |
|---|---|
| Files count | ≈ 10 |
| Web addresses count | ≈ 100 |
| Hits count | ≈ 1,000 |
| Created | Jun 06, 201521:00 |
| — | — |
| Expires | Jun 06, 202321:00 |
| Domain | disroot.org |
| Registration organization | Greenhost |
|---|---|
| Registrar name | Key-Systems GmbH |
Categories
Culture, society
Business
Malware
Botnet C&C Trojan-PSW.Win32.Cryptnot
BTW via the kapersky link above you can also file/click button for reanalysis of the site.
I already sent an object to revalidate as user
Got already reply:
"Hello,
URL was removed from blocklist. It will be fixed in the next update. Thank you for your help.
Best regards,
Alexander Plakhov, Malware Analyst, Kaspersky
39A/3 Leningradskoe Shosse, Moscow, 125212, Russia Tel./Fax: + 7 (495) 797 8700 http://www.kaspersky.com https://securelist.com
https://opentip.kaspersky.com/ - get insights about suspicious files, hashes, URLs, IP addresses or domain names"
Let’s hope this also ripples through the other services.
Edit:
Kaspersky should be ok now, verified on their site and virus-total.
Avast still flags it, so also created an appeal for that Submit suspicious URL
2 Likes
BTW, maybe the way to read those reports is that you shouldn’t trust Kaspersky antivirus.
[ In a sense this is stating the obvious since it’s proprietary software. ]
But more seriously, antivirus software is a problem rather than a solution, you’re probably better off without it.