Opened 5 years ago

Closed 4 years ago

#13686 closed defect (fixed)

phishing/trademark/malware violation at torbrowserproject.com

Reported by: januszeal Owned by: Sebastian
Priority: High Milestone:
Component: Webpages/Website Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

There is a site hosting malware while pretending to be Tor at http://torbrowserproject.com/

#12458 related?

Child Tickets

Change History (3)

comment:1 Changed 5 years ago by januszeal

I contacted the datacenter hosting the site:

From: ---
Date: November 6, 2014 at 17:36:36 CST
Subject: Phishing site - http://torbrowserproject.com/
To: abuse@…

Hi!

It appears that a site hosted on your network is being used to dupe people into downloading a malware payload disguised as the Tor Browser (https://www.torproject.org/).

This is the exact malware URL: http://torbrowserproject.com/downloads/mirror/torproject/3.66/win32/torbrowser-install-3.6.6_en-US.exe

https://www.virustotal.com/en/file/e12a8aafa86d2bbcb6631ac3f4d22795e2bc11fa58c4da8ea13450ec0b656ffc/analysis/1415316677/

Thank you!

comment:2 Changed 5 years ago by januszeal

DC replied, so I guess this is resolved?

Thank you for notifying us.

We have suspended our services associated with the domain.

Please feel free to contact us in case of any further queries.

Regards,
Confluence Networks

comment:3 Changed 4 years ago by Sebastian

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.