[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Malicious Link Reported by Chrome
From: |
Simon Josefsson |
Subject: |
Re: Malicious Link Reported by Chrome |
Date: |
Sat, 01 Aug 2015 15:28:15 +0200 |
User-agent: |
Gnus/5.130014 (Ma Gnus v0.14) Emacs/24.4 (gnu/linux) |
Greg Vogel <address@hidden> writes:
> All URLs to josefsson.org <http://josefsson.org/gnutls4win/> are reported
> as suspicous because Google scans have found ~29 Trojans on the site. Your
> link is at
> http://www.gnu.org/software/gsasl/manual/html_node/Installing-under-Windows.html#Installing-under-Windows.
> You may have others.
This is surprising -- is there any evidence this is anything but a false
positive? What file contains what malware? All files should be PGP
signed, and the build process is in the released GNU SASL package, and
the releases are prepared on a completely free OS (Debian). So I'm
curious how something bad could have ended up in them.
/Simon
> -Greg-
>
> Here's Google's details:
>
> Safe Browsing*Diagnostic page for* josefsson.org/gnutls4win
>
> *What is the current listing status for josefsson.org/gnutls4win
> <http://josefsson.org/gnutls4win>?*
>
> Site is listed as suspicious - visiting this web site may harm your
> computer.
>
> Part of this site was listed for suspicious activity 3 time(s) over the
> past 90 days.
>
> *What happened when Google visited this site?*
>
> Of the 36 pages we tested on the site over the past 90 days, 1 page(s)
> resulted in malicious software being downloaded and installed without user
> consent. The last time Google visited this site was on 2015-07-03, and the
> last time suspicious content was found on this site was on 2015-07-03.
>
> Malicious software includes 23 trojan(s).
>
> This site was hosted on 1 network(s) including AS15830 (TELECITY-LON)
> <http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=AS:15830&client=googlechrome&hl=en-US>
> .
>
> *Has this site acted as an intermediary resulting in further distribution
> of malware?*
>
> Over the past 90 days, josefsson.org/gnutls4win did not appear to function
> as an intermediary for the infection of any sites.
>
> *Has this site hosted malware?*
>
> Yes, this site has hosted malicious software over the past 90 days. It
> infected 0 domain(s), including .
>
> *How did this happen?*
>
> In some cases, third parties can add malicious code to legitimate sites,
> which would cause us to show the warning message.
>
> *Next steps:*
>
> - Return to the previous page.
>
> <http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=http%3A%2F%2Fjosefsson.org%2Fgnutls4win%2F&client=googlechrome&hl=en-US#>
> - If you are the owner of this web site, you can request a review of
> your site using Google Webmaster Tools
> <http://www.google.com/webmasters/tools/>. More information about the
> review process is available in Google's Webmaster Help Center
> <http://www.google.com/support/webmasters/bin/answer.py?answer=45432>.
> _______________________________________________
> Help-gsasl mailing list
> address@hidden
> https://lists.gnu.org/mailman/listinfo/help-gsasl
>
signature.asc
Description: PGP signature
- Re: Malicious Link Reported by Chrome,
Simon Josefsson <=