Jump to content

1Password community being flagged


Go to solution Solved by JPopovic,

Recommended Posts

1Password Community being flagged

 https://1password.community/discussion/121163/1password-for-windows-early-access

 

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 10/3/21
Protection Event Time: 7:52 PM
Log File: 6a4339f4-24ad-11ec-b3ef-90e6ba57cdd5.json

-Software Information-
Version: 4.4.7.134
Components Version: 1.0.1464
Update Package Version: 1.0.45556
License: Premium

-System Information-
OS: Windows 10 (Build 19043.1237)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\BraveSoftware\Brave-Browser-Beta\Application\brave.exe, Blocked, -1, -1, 0.0.0, , 

-Website Data-
Category: Trojan
Domain: dsc.cloud
IP Address: 207.148.0.169
Port: 443
Type: Outbound
File: C:\Program Files\BraveSoftware\Brave-Browser-Beta\Application\brave.exe

(end)

Link to post
Share on other sites

So you are saying the above block and this one is a valid block and it is not a false positive? If so I will try to contact 1Password regarding this as I do not think it is something they want showing up when one is using a Password Manager.

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 10/6/21
Protection Event Time: 8:45 AM
Log File: b7d5c844-26ab-11ec-8d4b-90e6ba57cdd5.json

-Software Information-
Version: 4.4.7.134
Components Version: 1.0.1464
Update Package Version: 1.0.45602
License: Premium

-System Information-
OS: Windows 10 (Build 19043.1237)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\BraveSoftware\Brave-Browser-Beta\Application\brave.exe, Blocked, -1, -1, 0.0.0, , 

-Website Data-
Category: Malware
Domain: 
IP Address: 207.148.0.169
Port: 443
Type: Outbound
File: C:\Program Files\BraveSoftware\Brave-Browser-Beta\Application\brave.exe

(end)

 

Link to post
Share on other sites

Hi folks.

Ben from 1Password here. Some of the images in the post in question were intentionally hosted with the Dropshare service, which operates the 'dsc.cloud' domain. Dropshare is similar to Dropbox, MEGA, etc in that they host a lot of files from a lot of different users. Are you claiming that Dropshare itself has been compromised? Do you have any additional explanation for why dsc.cloud is being blocked by MalwareBytes wholesale? It seems there would have to be some justification beyond some of their users uploading files containing malware, as otherwise I imagine you'd have to block all similar file sharing / image hosting services.

Please let us know. Thanks!

Ben

Link to post
Share on other sites

  • Staff

Hi Ben,

There are some phishing pages related to this domain:
 

http://dsc.cloud/eae89d/appfacebook2021.html
https://dsc.cloud/5533cc/A%20POP.html
https://dsc.cloud/dc8150/E%20PAYMENT%20NOTIFICATION.html
https://dsc.cloud/dc8150/E+PAYMENT+NOTIFICATION.html 


Would you be able, by any chance, to contact them and ask them to remove these pages?

Thank you in advance!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.