This is the second recent post of this type you’ve made. I would rethink my usage if this kind of scare was a common occurrence.
Also how do you think that link would give you a virus? Facebook did block it apart from whatever redirects there may have been. And scanning links to detect malware isn’t the most foolproof approach in the world.
Just to expand on what was already said: the screenshot in the original post is not evidence of any malware. It is simply stating that there is a problem with the site’s certificate.
Unless you continued through this warning and then entered personal information or downloaded something, you have nothing to worry about.
That website is actually malware and loading the certificate does involve making a connection to it.
I personally recommend using a DNS like Quad9 or DNS0 at a minimum for some protection against these known sites. Both have it already blocked. Cloudflare’s security variant doesn’t.
A layered approach to this is best, eg.:
blocking known bad IP addresses
DNS blocking some known ads/malware with a service like Quad9 as the upstream. doing both here is critical, using some malware blocklists that only update daily from few sources is useless
content blocker in browser also blocking more ads/malware
using the safe browsing feature in the browser
enforcing https
as a user, not clicking ads, not clicking links that are raw IP addresses
having eg. Windows Defender enabled/enforcing/updated if you’re on Windows
keeping all software updated
(Yes that is all “badness enumeration”, except in many cases such as this one such badness was already known.)
Please also if you do post links to malware, defang it: replace . with [.] and replace http with hxxp
re safe browsing:
Chrome, Vanadium, and Mulch only have Safe Browsing if you have real Google Play Services installed.
Bromite, Cromite, Mull, and Fennec F-Droid do not support Safe Browsing.
Official Firefox on Android doesn’t depend on Google Play Services for Safe Browsing.
@SkewedZeppelin
I was using NextDNS with the same config that Henry showed in the video on Techlore channel amd till now iam still using it, So that means the connection should be stopped right?
I showed in my question that the last redirect was to a Php website which i didn’t reach but i used a tool to see the final link, Am i safe right now??
@Dkama
The blocker for Safe Browsing in Mull and Fennec F-Droid is having a special API key.
Other Firefox forks like Iceraven and IodeOS Browser have working Safe Browsing along with Google Play Services library because they don’t actually compile Gecko (the engine) from source, but only compile Fenix (the UI layer), which lets them inherit the Mozilla API key from their prebuilts.
Got it. But the question that remains is: what would it take for Mull to have it (without GPS)?
Would you need to set up a server to proxy it like Mozilla does, and have all the costs that come with it? Or does Mozilla have a special access that regular folks can’t have?
