Hello everyone,
I am experiencing a persistent issue where Bitdefender's Online Threat Prevention is flagging and blocking a suspicious connection attempt originating from my ExpressVPN application.
The Issue:Whenever I actively connect to a VPN server, Bitdefender intercepts a connection. If the VPN is disconnected/idle, there are no alerts at all.
Alert Details:
- Source Executable:
expressvpn-service.exe - Blocked Destination URL:
https://www.3ik9bjnm.com/ - Threat Type: Web Threat
Troubleshooting Done:I am running Windows 11 (25H2). I have already updated ExpressVPN to the absolute latest version (v14.1.1 build 13156), but the exact same block still occurs. I reached out to ExpressVPN support, but they could not provide a clear answer regarding whether this domain belongs to their infrastructure.
My Questions:
- Has anyone else seen Bitdefender blocking this specific domain (
3ik9bjnm.com) related to ExpressVPN? - Could this be a False Positive caused by how the ExpressVPN client routes traffic/telemetry, or should I treat this as a serious process injection/malware issue on my system?
Any insights or advice on how to further analyze this would be greatly appreciated. Thank you!
