-
Amazon Deals - ToS - Warp
BSNL is inserting ads in websites, sending their users to malware sites through malware code injection
- Thread starter CRACING
- Start date
- Replies 645
- Views 196,599
pothi
@127.0.0.1
pothi
@127.0.0.1
The problem is... it is easy to inject malware on unsecured sites. For example, even the local exchange can track unsecured sites. But, they don't do it. That's the actual problem. This is not intentional from BSNL. They just don't have the resources (money) to secure their own servers.
VPN is probably the only solution. even with dns over https/tls, non-secure pages are blocked on my isp.
pothi
@127.0.0.1
As mentioned in OP, I already have pi-hole.net (on my VPS). So, it isn't an issue with DNS.
The issue is still there, and yes i totally agree with the first post, only non secured sites have this problem. If you click anywhere on the webpage you will get a redirect. And its happening on my bsnl bb connected phone and pc, and as soon i shift to jio for internet everything is back to normal..
Hi,
Thank god. I thought i was hacked both my laptops were having same issues. They are being redirected to 1bcde.com, fixerinst, and some other.
This only happens on unsecured connection (http) as per my observation.
Installed ton of software to figure it out how it got installed.
Use malwarebytes it seems to block these PUP website but requires premium subscription. I'm on trial and it seems to work fine.
How to escalate this issue to Ministry of Telecom or somewhere high profile ?
Thank god. I thought i was hacked both my laptops were having same issues. They are being redirected to 1bcde.com, fixerinst, and some other.
This only happens on unsecured connection (http) as per my observation.
Installed ton of software to figure it out how it got installed.
Use malwarebytes it seems to block these PUP website but requires premium subscription. I'm on trial and it seems to work fine.
How to escalate this issue to Ministry of Telecom or somewhere high profile ?
pothi
@127.0.0.1
PSA:
As a temporary workaround for those still face this issue (on a PC), please insert the following lines in your computer's hosts file...
0.0.0.0 cobalten.com
0.0.0.0 speed-open2.com
For mobile devices, since, editing hosts file isn't practical and impossible in certain cases, I use my own DNS (using pi-hole.net) where I blocklisted the above domains). Anyone in the BSNL network can use it for their DNS queries to safeguard themself from clicking these malicious domains by mistake. The IP of my pi-hole DNS server is 45.76.184.155. One caveat with this IP is that it also blocks most advertisements (that's the primary reason I started using pi-hole.net initially). It is made to work only on BSNL (using firewall rules) for now. If it doesn't work for you for some reason, please publish your BSNL IP here, I will unblock the whole range of BSNL IPs. Unfortunately, I can't allow non-BSNL users to use it, since it takes time, effort and money to run a DNS server. Currently, IPs starting with 59 and 117 are allowed for DNS queries!
As a temporary workaround for those still face this issue (on a PC), please insert the following lines in your computer's hosts file...
0.0.0.0 cobalten.com
0.0.0.0 speed-open2.com
For mobile devices, since, editing hosts file isn't practical and impossible in certain cases, I use my own DNS (using pi-hole.net) where I blocklisted the above domains). Anyone in the BSNL network can use it for their DNS queries to safeguard themself from clicking these malicious domains by mistake. The IP of my pi-hole DNS server is 45.76.184.155. One caveat with this IP is that it also blocks most advertisements (that's the primary reason I started using pi-hole.net initially). It is made to work only on BSNL (using firewall rules) for now. If it doesn't work for you for some reason, please publish your BSNL IP here, I will unblock the whole range of BSNL IPs. Unfortunately, I can't allow non-BSNL users to use it, since it takes time, effort and money to run a DNS server. Currently, IPs starting with 59 and 117 are allowed for DNS queries!
But i have faced bsnl mail redirects despite script blockers.
what i do to remove the script?