Jump to content

Recommended Posts

  • Staff
1 hour ago, windscribe said:

This has been reported by several uses and is a false positive. 

r/Windscribe - Malwarebytes picking up Windscribe connection as Compromised. Is this ok?

Binary:

windscribe.com/install/desktop/windows

 

Hello- this is an IP block, not an FP by any stretch: 165.73.248.91 | Psychz Networks ZA | AbuseIPDB

This IP address has been reported a total of

 55 times from 24 distinct sources. 165.73.248.91 was first reported on December 16th 2020, and the most recent report was 2 hours ago.

 

Link to post
Share on other sites

This is a VPN server IP. Our apps ping check all VPN servers in our network, and therefore make network connection. The fact that one of our VPN servers was allegedly used to brute force random Wordpress blogs (this happens with all VPMNs) poses zero security risk to any other end user. The IP simply has a "bad reputation". This does not make our VPN application "compromised" as incorrectly stated in your interface.  Nothing is compromised, some people are just a-holes and use VPNs for bad things. 

Link to post
Share on other sites

@BjelakovicL As mentioned earlier, this IP is one of our servers in South Africa. Our app initiates connections to ALL servers to perform latency checks, as well as when a user actively attempts to connect to the address. If you look at the actual reports, you will notice that this VPN server is used by some unsavory characters to login into unsecured Wordpress blogs. As we're a no logging VPN, we cannot detect or prevent this type of activity (due to HTTPS being used). Nor is it our job to secure 3rd party Wordpress blogs who are too lazy to secure them. 

That being said, this has absolutely no impact on anyone else connecting to this particular VPN server. All this says is the IP reputation is "bad", which is not indicative of any compromise like your software states. 

Link to post
Share on other sites

I should add that multiple customers reported this, and several resolved their issue by removing Malwarebytes due to this false positive, and many other ones that happened previously.

 

 

 

This also includes a current issue, where Malwarebytes breaks our split tunneling features, which is still an ongoing issue that our customers say you're ignoring

 

Link to post
Share on other sites

Thanks @Bjelak

Would be real great to fix the split routing issue mentioned above too. It affects many people, and our suggested solution is currently "Disable or remove Malwarebytes".  

To replicate:

1. Download the app https://windscribe.com/install/desktop/windows

2. Make a free account and login

3. Enable split routing in Preferences -> Connection -> Split Routing and exclude your browser

4. Connect.

Browser traffic should no longer be routed to the tunnel. Your IP should remain the same from the perspective of that browser, and be a VPN IP in other browsers. 

Thanks

Link to post
Share on other sites

12 minutes ago, windscribe said:

It affects many people, and our suggested solution is currently "Disable or remove Malwarebytes". 

No issue  for me because I use Malwarebytes VPN

We have seen the PIA VPN have the same issue as you routing thru compromised IP's as well.

More and more websites and services are blocking well known VPN IP' as well.

Link to post
Share on other sites

  • 1 month later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.