
Ask HN: Dealing with website distributing malware disguised as open source? - Joona
Our open source project has recently exploded in popularity, and someone registered a very similar domain to ours, using it to distribute malware. We&#x27;ve tried contacting their domain registrar (Namecheap) and host to no avail, and now they&#x27;ve taken ads on Google to appear above the official website.<p>Does anyone have experience or tips on how to deal with this situation?<p>Thanks!
======
techjuice
The first and fastest thing you can do is report the site using your browser
so it can be blocked (Chrome or Firefox is the best since it goes to the same
list and Microsoft will also pick it up). After you have done this, report it
to US-CERT - [https://www.us-cert.gov/report](https://www.us-cert.gov/report)
and the FBI - [https://www.fbi.gov/tips](https://www.fbi.gov/tips). For the
registrar, did you also report it using their abuse email account and the
IP/Datacenter operator abuse address? If those don't work you can also contact
ICANN and the actual domain registry who can pull the domain.

You can then talk with a lawyer to file a trademark dispute if you have a
registered trademark along with a DMCA complaint if they have copied your
information.

~~~
Joona
Thanks for the US-CERT/FBI links, we'll report to them. We've reported the
site through Google's safe browsing form and the registrar and host abuse
addresses. Both registrar and host replied saying they found no malware on the
site, despite us submitting analysis on it.

I don't think ICANN deals with malware, but we'll contact the registry. We've
also considered DMCA, but we think it would be a very temporary solution.

~~~
techjuice
You would need to take screenshots and links to the malware, you may also have
to send the links to VirusTotal -
[https://www.virustotal.com/#/home/upload](https://www.virustotal.com/#/home/upload)
URL submission.

If it is targeted then you will have a bigger problem getting this resolved
and law enforcement agencies would have to take over the investigation as it
would be out of the scope of most to properly review this.

~~~
Joona
We've done that with all the reports so far. Most of us aren't in the US, but
hopefully the ones that are can reach out.

