Jump to content

repeated outgoing malware: api.segment.io

Recommended Posts

For the last week or so, I've had many instances daily of an outgoing malware, blocked by MBP. It is always the same message, which I've attached a screen shot of below: "malicious website blocked. api.segment.io".  A google search shows that segment.io is a safe website, according to Norton and deals with website customer analytics.  Is MBP producing a false positive here, or could the message be due to a cookie from a website that's being used to track my behavior?


Thank you.


Link to post
Share on other sites

Hello and Welcome to Malwarebytes

Being that you are probably infected, feel free to follow the instructions below to receive free, one-on-one expert assistance in checking your system and clearing out any infections and correcting any damage done by the malware.

Please see the following pinned topic which has information on how to get help with this: Available Assistance for Possibly Infected Computers

Thank you

Link to post
Share on other sites

I got in touch with sement.io and received a quick and helpful response, which I'll paste below. I responded letting them know I was using Malware Bytes:


"So sorry about that. http://api.segment.io is the URL our customers use to send us their analytics data, which we then route off for them to all their 3rd party analytics tools. Lots of companies, sites, and apps use Segment, so that's why you may have stumbled across that error multiple times around the internet.

We are indeed safe. We recently switched our IP address, and it looks like we were provided one that had previously been flagged as Malware, causing us to be put on the "unsafe" list by some anti-virus providers.

To use a terrible metaphor, it's kind of like if you got a new phone number that previously belonged to a criminal, and you were placed on the no-fly list because of it.

Are you using Avast? We confirmed with them last night that they've cleared and whitelisted the domain. If you're using another it would be really helpful to us if you told us which so that we can reach out to them and have us whitelisted as well.

Thanks for the heads up, and sorry again for the trouble."

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.