Is this a false positive?

randomm

Bitdefender reports the following site: [link removed by admin] as infected.

I believe it is a false positive. It is supposed to be a web interface for ipfs.

Ipfs.tech is their official site.

Can anyone check and determine if it is infected indeed?

Accessed via windows machine via both chrome and brave search engines.

I am not sure if this is the right place to ask this kind of question, if it's not please tell me I should ask about this.

Find more posts tagged with

antivirus

virus

Comments

Alexandru_BD

Hello @randomm,

I confirm I get the same result, the page is being blocked by Bitdefender indeed.

You can fill out the form below to report an incorrect detection to Bitdefender Labs. Once confirmed, false alarms are corrected within hours.

https://www.bitdefender.com/consumer/support/answer/29358/#scroll-to-heading-2

Regards

randomm

https://community.bitdefender.com/en/discussion/comment/324473#Comment_324473

I tried doing that but when I try to submit I get the message: ' The URL is incomplete. Please enter a full URL e.g. https://www.SiteName.com'

I tried submitting both of these:

1) [*url removed by @Flexx*]

2) [*url removed by @Flexx*]

Those connections pop up as infected when I try reaching the site [*url removed by @Flexx*]

So what do I do? Is there any way to contact the bitdefender team directly?

Gjoksi

Hello.

Both URLs were reported by me: [FP] [URL] Submission 1008361269 and [FP] [URL] Submission 1008361272.

Now, all we can do is to wait for a reply from the malware researchers at Bitdefender Labs.

I'll post the results here.

Regards.

Flexx

The website may be carrying something malicious

https://www.virustotal.com/gui/url/abc6fee7e1988139ebff466e3e509eeabbf4da4ff8217a036ef4d3ed31a74d68?nocache=1

https://www.virustotal.com/gui/url/dccfcb93ad089f97a96c2f91fd75a8455756655705d0129a5d978c37c096ea41?nocache=1

Additionally, the websites are also blacklisted, have a look at below stated links

https://sitecheck.sucuri.net/results/https/gateway.ipfs.io/ipns/unsupportedtokens.uniswap.org

https://sitecheck.sucuri.net/results/https/gateway.ipfs.io/ipns

Regards

randomm

https://community.bitdefender.com/en/discussion/comment/324508#Comment_324508

Thank you so much, and please do post the results here, and in a way I can verify that the results are for real. Please understand that I'm not trying to be rude when I say I want to verify, it's just that better safe than sorry.

randomm

https://community.bitdefender.com/en/discussion/comment/324509#Comment_324509

I did not click on links you provided (I am really terrified of clicking on anything right now), but I checked via virustotal and sitecheck myself and indeed it seems fishy.

Could you check the following for me:

Try to access 'uniswap.org' and just click on 'launch app' in the upper right corner. That is the most reputable decentralized exchange in the world. When I click that, that's when bitdefender tells me about the infected [*url removed by @Flexx*]

Does bitdefender report the same problem to you? Could my personal network be infiltrated somehow and redirects incorrectly? Or is it a gateway for my entire region (Balkan)?

I know I'm asking a lot, but I am terrified of the situation and have no one else to talk to.

Flexx

https://community.bitdefender.com/en/discussion/comment/324512#Comment_324512

https://www.virustotal.com/gui/url/abc6fee7e1988139ebff466e3e509eeabbf4da4ff8217a036ef4d3ed31a74d68

https://sitecheck.sucuri.net/results/https/gateway.ipfs.io/ipns/unsupportedtokens.uniswap.org

Yes, it blocks the same for me. Posting of direct links/URLs on the forum is not allowed unless approved by the moderators or the administrators.

You need to contact the website administrator and share both the virustotal and sucuri.net results with them and ask them to get it checked.

Regards

randomm

I wasn't aware of that, I apologize.

When you say 'contact the website administrator', in this particular case do you mean the ipfs or uniswap?

Flexx

https://community.bitdefender.com/en/discussion/comment/324517#Comment_324517

Kindly contact the website administrator of ipfs.io

You can report security related issue by dropping them an email at security@ipfs.tech

Regards

randomm

https://community.bitdefender.com/en/discussion/comment/324518#Comment_324518

Thank you!

Gjoksi

@randomm

UPDATE:

[FP] [URL] Submission 1008361269 -> The URL is clean and has been unblocked.

[FP] [URL] Submission 1008361272 -> The URL is clean and is not currently blocked by Bitdefender's engines.

@Alexandru_BD Thanks for the update, mate. 👏

VR8801

Apologies if this needs a new thread, but its the same issue re occuring again.

Product is Bitdefender Total Security and access is via Windows 11 PC.

Errors are:

Infected web page detected

9 minutes ago

Feature:

Online Threat Prevention

We blocked this dangerous page for your protection:

https://gateway.ipfs.io/ipns/extendedtokens.uniswap.org

Dangerous pages attempt to install software that can harm the device, gather personal information or operate without your consent.

Phishing attempt detected

11 minutes ago

Feature:

Online Threat Prevention

We blocked this phishing page for your protection:

https://cloudflare-ipfs.com/ipfs/QmTP6pKCE6HQGohYJCjMmHLqLUfScHKWic3L3Cg5yah6J9/

Phishing pages attempt to obtain sensitive information such as login credentials or credit card details by disguising as trustworthy entities. The stolen data can be then used for financial gain

Please let me know whether it is still false positive, Thanks

Alexandru_BD

Hello @VR8801,

I can't confirm here, but I would suggest to submit a sample using the dedicated form:

https://www.bitdefender.com/consumer/support/answer/29358/

Regards

randomm

https://community.bitdefender.com/en/discussion/comment/328326#Comment_328326

Hi, the same issue is happening to me again (even though initially it all seemed fine)

What did you do? Did you connect the wallet with it (in days since your post)