Security problems - phishing problems

There are some major security problems with the product tour section(sever),
When I tried to enter missions or to execute mission I got a messages from my antivirus
"connection aborted due to phishing problems ,server error, " please fix it ASAP


Hello, @yosef_yehiel.

Thank you for your report.
I will discuss it with the team and we will answer you.

Best Regards, Nikita.

Thanks’ Nikita for the fast reply

1 Like

I also keep getting this issue on my webpage, my antivirus is blocking images from loading and aborting connections with the same phishing notifications

I’m still getting those alert messages and aborting connections with the same phishing notifications.
please fix it.

Hi @yosef_yehiel , @Hezzron_Austin ,

Sorry for inconvenience and the long delay with the answer. We will fix this problem in our next release which we expecting to have till the end of the next week.

About reasons of antivirus alerts

In a few words they are “false” alerts which caused by way in which our system server static content in the old days.

Detailed description of the problem. This alerts triggered by usage of domain to load images for badges. This domain is common for all applications when it comes to serving static content from applications file systems. From time to time some of the users of our platform tried to create a phishing sites. Pages of those sites also were served from that domain. Even though, we blocked such applications fast enough, domain for static content was added to phishing domains lists which are used by your antivirus software. This is why you receive those alerts.
To resolve this problem we came app with concept of generated domains. Now each application has its own generated domain “out of the box” and problem, described above, will not affect regular apps. We updated our logic to use generated domains everywhere were it is possible. But since system is big, some places still used old approach for serving static content. One of such places was Missions Service to serve images for missions badges. We made changes and now Missions Service will use generated domain.

Regards, Andriy

Hi Andriy,
Thanks, I will wait till the next release.
Best regards

Having discovered this gentleman’s report which was similar to mine (Running preview triggers my anti-virus program - #13 by Andriy_Konoz). I have to ask when you guys can issue a fix for this? False positive or not, I can’t have my web scanner disabled just to keep testing and development going.

If your scanner reports something that is not there, how can we fix this? Have you contacted your scanner’s support to find out why it is reporting it?

I have. Does it not pique your curiosity that I am not the only one reporting this? Did anyone ask Mr. Yosef Yehiel what virus scanner he is using? I have Avast installed, and if Mr. Yosef is using another, how then can two different programs flag the same phishing issue?

The root cause of the issue is that is a domain used by multiple apps. When a malicious user (logged in as a developer to his app) uploads some phishing content, Google Safe Browsing registers it in some common directory. At the same time our monitoring system detects the content, deletes the app and blocks the developer. Google periodically rescans to make sure the content is done and then updates its registry. The antivirus you use does not check if the registry is updated and operates on the outdated terms. As a result, you get the false positive you experience.

Unfortunately there is nothing we can do to clear the warning as at this point the issue has been dealt with. The problem reported by Yosef has been fixed on our side where the Missions logic doesn’t rely on that domain. My recommendation to you and anyone who may experience something similar is to use a subdomain assigned to your app. These subdmoains ( create the appropriate sandboxing between the apps where they no longer rely on the same domain to reference their files.