Jump to content

Recommended Posts

Hello team!

It has brought to my attention that our social media platform mstdn.social has been reported with a false positive on your platform. Our server and media files are scanned weekly to be sure we don't host any malicious files.

It is about the domain:

*mstdn.social/*
IP: 

Spoiler

116.202.14.219

 

Thank you in advance!

Link to post
Share on other sites

  • 1 month later...
  • 8 months later...

I've experienced this myself. Oddly, even doing a Mastodon-related Google search immediately presented me with a site blocked message. I didn't even actually click on any results before the blocked message came up (screenshot attached). My DNS (Quad9) is also blocking anything Mastodon related. Specifically, on a discourse.org site relating to Mastodon, but not actually a Mastodon URL (screenshot of the blocking results also attached for anyone who cares). 

 

Does anyone have an actual explanation for why this might be? Moreover, is it really that easy to get a site unblocked - just message on the forum to unblock?

 

Screenshot_20221107-150110.png

Screenshot_20221108-102226.png

Link to post
Share on other sites

Another thing I find strange, is a recent post I saw on Twitter instructing users to give Mastodon full permissions to contacts. It almost seems like there are malicious actors leveraging Mastodon and the (supposed) exodus from Twitter to Mastodon in a social engineering attack (total conjecture, obviously). 

 

The Twitter account that posted the instructions was also suspect, in that it was a brand new account, with hardly any posts, but all relating to Mastodon. 

Screenshot_20221106-110756.png

Link to post
Share on other sites

2 hours ago, thr4c14n said:

I've experienced this myself. Oddly, even doing a Mastodon-related Google search immediately presented me with a site blocked message. I didn't even actually click on any results before the blocked message came up (screenshot attached). My DNS (Quad9) is also blocking anything Mastodon related. Specifically, on a discourse.org site relating to Mastodon, but not actually a Mastodon URL (screenshot of the blocking results also attached for anyone who cares). 

 

Does anyone have an actual explanation for why this might be? Moreover, is it really that easy to get a site unblocked - just message on the forum to unblock?

 

Screenshot_20221107-150110.png

Screenshot_20221108-102226.png

This one looks like a valid block. It's being reported as a C2 for a passwordstealer. There's also several links that are flagged according to virustotal.

image.png.42a6663c0874367296a9151fd0ac6ec4.png

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.