GoDaddy redirects anjuta.org to phishing website

TLDR: The recently [to me] publicized issue of GoDaddy redirecting domains to other possibly malicious domains happens when going to [at least to] anjuta org. After another attempt it send me to the correct (real) project page instead of completely different one.

Upon going to at least one page [anjuta org] of gnome project there is a chance to be redirected to malicious website. [Supposedly indonesian betting website][0] which when I looked through the links and found, via virustotal [1], is linked to phishing websites.
What will be or should be done about this ?
I believe there is real possibility this could be misused in multiple ways [specifically against gnome software, as well as users in general].

Relevant links:
[0]
malicious site: [SBOBET: Agen Sbobet Resmi dan Situs Taruhan Judi Bola Online Terpercaya]([classic header]sbobet[dot]us[dot]com/) filing a report seems like a good idea

Virustotal links:
First one founds nothing:
[1]

But links are marked as phising:

PS: This is an ASAP report, please bear the imperfect structure and all the mistakes.
I don’t have the time to check how often it happens nor I do I deem it necessary since it
happened before with other sites. I am also sending an email to GoDaddy.Inc, for what it is worth.

AFAICS, the Anjuta domain was not under the GNOME infrastructure, and lapsed. This is bound to happen, unfortunately, especially with projects that have seen a decrease in activity.

Anjuta is unmaintained, and the code repository was archived a while ago.

Doesn’t really sound like it? If the page generally displays the real anjuta.org and only sometimes redirects to a malicious page, then that sounds like the GoDaddy hack.

I wonder who maintained this website.

The first reference is in a commit from the original author, Naba Kumar, so I assume he registered the domain 20 years ago, back when Anjuta was still on SourceForge.

@ebassi
I thought I had checked that it did not lapse. Sorry, was quite tired yesterday, maybe I got it confused with when I checked via wiki gnome org /Apps…

Whatever the case, I rechecked again and always got redirected to the phishing site.
And when checking with dnf info anjuta on fedora it outputs:


URL : http://www.anjuta.org/
License : GPLv2+


So in case it lapsed it’d be a good idea to change that… I am new here, don’t really know who to contact regarding that. I guess the anjuta package maintainers, right ?

@mcatanzaro That’s what I though too, but I rechecked again today and it seems I was too tired and got it confused among the multiple checks I did… So I think it is as ebassi said, that it just lapsed.

Anyway, thank you both for your time.

The former Anjuta maintainers are certainly the best people to get in touch with. That said, if they no longer own the domain then there’s not really anything that can be done about it.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.