UGN is dangerous!

Posted by: Digital Geek

UGN is dangerous! - 04/11/09 04:38 PM

So I'm at this office where I have to do a few windows installs, so after I finish the first box, I install their Trend Micro Pc-cillin Internet Security 2009.

I was getting bored waiting for the rest of the computer to finish the install so I decided to do some browsing. I open up internet explorer and enter undergroundnews.com but instead of the nice black and blue colors we all know and love I'm seeing this shit:


(click to enlarge)

I already had a bad impression about Trend Micro's internet security software since it has a higher resource usage and a lower detection rate then Eset or Kaspersky, not to mention incompatibility issues with VPN software, like the one made by Check Point, but now I know their internet security is shit.

Someone should ask them how did they figure out that UGN is dangerous.
Posted by: Gremelin

Re: UGN is dangerous! - 04/12/09 02:02 AM

I emailed them, though I doubt they'll have the courtesy to respond...
Posted by: Gremelin

Re: UGN is dangerous! - 04/12/09 02:16 AM

DG, what URL does it give you when you click the report button?
Posted by: Gremelin

Re: UGN is dangerous! - 04/14/09 01:13 AM

I got an email from TM, evidently they thought i was referring to email vs my site, eventhough i mentioned it numerous times (we don't even offer mail on our server ip's, so i knew we'd pass their spam test)...

Now to wait on the next...
Posted by: Gremelin

Re: UGN is dangerous! - 04/21/09 06:33 PM

Just reposting here what I posted on the @undergroundnews Twitter feed:
Quote:
TrendMicro support is nil... How can they have such a popular product with such crappy support? Nothing important or anything... lol


I keep getting canned responses basically stating that I'm retarded and don't understand how to use their products... When I'm not using their products...

I also posted on my twitter account (@Gremelin) to @TrendMicro:
Quote:
@TrendMicro Are your helpdesk support responses just canned responses? Need help on a, what seems to be, simple issue. (removed ticket id)


Oh, and get this, the ad for this thread? TrendMicro... So next message I'm stating that I'm going to be banning their Google Image/DoubleClick.net Ad's from my security-related site until this issue is rectified.

Heres the ad:
http://googleads.g.doubleclick.net/pagead/imgad?id=CLugho3znPa1VBDYBRhaMggupl0JHCLepw
Posted by: Gremelin

Re: UGN is dangerous! - 04/22/09 01:16 AM

Just posted on @undergroundnews:
Quote:
Another pointless TrendMicro email; this one telling me that a Service Request has been opened on my HelpDesk ticket... Still 0 responses..
Posted by: Gremelin

Re: UGN is dangerous! - 05/02/09 01:07 AM

Quote:
Sent: 4/22/2009 07:09:38 AM
Dear James,

This is Loyd from Trend Micro Consumer Support.

I have reviewed your case and I understand that you are encountering problems with the Trend Micro program blocking your website (www.undergroundnews.com). We checked it on our end and the program is tagging it under Hacking/Proxy Avoidance category. We already forwarded your concern to our Antivirus department so they can further check and reclassify the website. Once verified that it is valid we will remove it on our next pattern deployment. We will get back to you with the result once the reclassification is completed.

Please do not hesitate to contact us back should you have any further concerns.


Best regards,


Loyd Gil Tulud, MCP | Consumer Escalation Team - Level2
TrendLabs – Trend Micro Incorporated


Quote:
Sent: 4/23/2009 07:19:06 AM
Hi James,

Here's a status update on your case.

Your site is being blocked by automation because of the URL "undergroundnews.com/files/files/download/keylogger.zip". Our automation is finding a possible keylogger in your site.

But for the domain "undergroundnews.com", it is now being handled by our URL filtering team for reclassification.

Please standby for further updates.

Regards,

Loyd Gil Tulud, MCP | Consumer Escalation Team - Level2
TrendLabs – Trend Micro Incorporated


Quote:
Sent: 4/24/2009 09:56:26 AM
Hi James,

Your website 'www.undergroundnews.com' has been reclassified. The Trend Micro program will not block this website anymore. Please update the program for these changes to take effect.

It is beneficial for our records to be up to date, by simply REPLYING back to this email. Please let me know if I was able to resolve your concern(s) so I may formally close this case for you. A simple "Close this case" note would do.


Please do not hesitate to contact us back should you have any further concerns.


Best regards,


Loyd Gil Tulud, MCP | Consumer Escalation Team - Level2
TrendLabs – Trend Micro Incorporated
Posted by: Gremelin

Re: UGN is dangerous! - 05/02/09 01:12 AM

So, the latest patterns update should fix this issue and everyone should be able to visit the site again. The strange thing is, from a security standpoint i can see why they'd block such tools, however i can also see benefits to having them.

For now, UGN will no longer link to "possible" malicious tools on the site; though you can still use Google to find 3rd party resources for these (including the UPIN tools, which where also removed).

I'd like to thank TrendMicro for removing us from your lists, I'm curious if it was my constant emails, or my babling to @TrendMicro or just the redesign of the site closing the old file base :P...

I'm sure our data center breathed a sigh of relief as well since they've been trying to get us to purge the files anyway...
Posted by: Gremelin

Re: UGN is dangerous! - 05/02/09 01:15 AM

And for those of you wondering where this leaves the BOTW drawup I've been working relentlessly on; it doesn't, everything is still on track and I still plan to release a system on it later in the summer season.