I clicked on a virus link, What to do now?

One of the pages that iam following on Facebook but a link in a story and i was trying to copy it to scan it but i accidentally clicked on it

:warning::warning::warning: This is the virus link :warning::warning::warning:

[link removed]

Facebook blocked it at this level

I used my tools to get tge latest link it was about to redirect my to and it was this

:warning::warning::warning:This is the latest redirect but i didn’t open it​:warning::warning::warning:

[link removed - do NOT post links to malware]

Am i infected now??? Should i format my mobile??
Should i change my passwords??

Iam sooooo afraid

This is the second recent post of this type you’ve made. I would rethink my usage if this kind of scare was a common occurrence.

Also how do you think that link would give you a virus? Facebook did block it apart from whatever redirects there may have been. And scanning links to detect malware isn’t the most foolproof approach in the world.


Just to expand on what was already said: the screenshot in the original post is not evidence of any malware. It is simply stating that there is a problem with the site’s certificate.

Unless you continued through this warning and then entered personal information or downloaded something, you have nothing to worry about.

1 Like

That website is actually malware and loading the certificate does involve making a connection to it.

I personally recommend using a DNS like Quad9 or DNS0 at a minimum for some protection against these known sites. Both have it already blocked. Cloudflare’s security variant doesn’t.

A layered approach to this is best, eg.:

  • blocking known bad IP addresses
  • DNS blocking some known ads/malware with a service like Quad9 as the upstream. doing both here is critical, using some malware blocklists that only update daily from few sources is useless
  • content blocker in browser also blocking more ads/malware
  • using the safe browsing feature in the browser
  • enforcing https
  • as a user, not clicking ads, not clicking links that are raw IP addresses
  • having eg. Windows Defender enabled/enforcing/updated if you’re on Windows
  • keeping all software updated

(Yes that is all “badness enumeration”, except in many cases such as this one such badness was already known.)

Please also if you do post links to malware, defang it: replace . with [.] and replace http with hxxp

re safe browsing:

  • Chrome, Vanadium, and Mulch only have Safe Browsing if you have real Google Play Services installed.
  • Bromite, Cromite, Mull, and Fennec F-Droid do not support Safe Browsing.
  • Official Firefox on Android doesn’t depend on Google Play Services for Safe Browsing.

I was using NextDNS with the same config that Henry showed in the video on Techlore channel amd till now iam still using it, So that means the connection should be stopped right?

I showed in my question that the last redirect was to a Php website which i didn’t reach but i used a tool to see the final link, Am i safe right now??

1 Like

microg doesn’t allow safe browsing? also what about brave’s safe browsing

probably didn’t connect if you used a good blocklist like hagezi


microG cannot provide the Safe Browsing databases afaik

and relying on a single blocklist is not going to help, you must have layers here

That’s interesting. I thought Firefox did it offline somehow, but it seems like they just proxy through their own servers, is that right?

Can it be enabled in Mull? Behind a VPN and without Firefox’s unique download id it’s not a big issue (other than being the only one doing it).

The blocker for Safe Browsing in Mull and Fennec F-Droid is having a special API key.

Other Firefox forks like Iceraven and IodeOS Browser have working Safe Browsing along with Google Play Services library because they don’t actually compile Gecko (the engine) from source, but only compile Fenix (the UI layer), which lets them inherit the Mozilla API key from their prebuilts.

Got it. But the question that remains is: what would it take for Mull to have it (without GPS)?

Would you need to set up a server to proxy it like Mozilla does, and have all the costs that come with it? Or does Mozilla have a special access that regular folks can’t have?