MinGW - Minimalist GNU for Windows

Fork

• mingw-dist
• build-aux
• wtklite
• pexports
• website
• mingw-get
• mingw-org-wsl
• mingw-pkgspecs

捐款

[MinGW-Notify] [mingw] #42768: mingw.org domain hijacked

• Previous message (by thread): [MinGW-Notify] [mingw] #43663: %zd and %td support in attribute format printf
• Next message (by thread): [MinGW-Notify] [SCM] mingw-org-wsl (mingw) branch, 5.5-trunk, updated. cf7bdc75e24a873a3dc1c1b14b8e758ddc19fc96
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

#42768: mingw.org domain hijacked

  Open Date: 2021-08-25 10:42
Last Update: 2022-01-24 20:27

URL for this Ticket:
    https://osdn.net//projects/mingw/ticket/42768
RSS feed for this Ticket:
    https://osdn.net/ticket/ticket_rss.php?group_id=3917&tid=42768

---------------------------------------------------------------------

Last Changes/Comment on this Ticket:
2022-01-24 20:27 Updated by: keith
 * Status Update from Open to Closed
 * Resolution Update from None to Won't Fix

Comment:

We no longer own the mingw.org domain. When NetworkRedux.com moved out of the web hosting market, and withdrew our sponsorship, eNom.com blocked our legitimate attempts to transfer the registration to a new sponsor, and attempted to hold us to ransom. We declined to be blackmailed, and eNom.com have sold the domain — illegally, because we still own the MinGW trademark, so the new owner is infringing that.
Regardless, our official web-site may now be found at https://mingw.osdn.io

---------------------------------------------------------------------
Ticket Status:

      Reporter: jimbo19692
         Owner: (None)
          Type: Issues
        Status: Closed
      Priority: 5 - Medium
     MileStone: (None)
     Component: WEBSITE
      Severity: 5 - Medium
    Resolution: Won't Fix
---------------------------------------------------------------------

Ticket details:

Likely only the DNS settings have been hijacked.  When navigating to mingw.org, you end up on a page with obvious malware (Chrome extension in at least one case, but it rotates) being served (i.e. attempts to fool unsuspecting users into downloading & installing rogue software).  It is not just an add contained within the page -- it is the whole page.  There is either an A RECORD in the DNS, or a forward/redirect on the real mingw site that has been hijacked to send folks to the malicious site instead.
I think this, at the very least, undermines trust and confidence in the MinGW product.  To add insult to injury, eventually, after rejecting the fake downloads enough, the page (on one occasion, at least) redirected to the mingw-w64 site.  There seems to be some logic built into the redirect, based on the referrer, leading me to suspect a forward/redirect on the real page, rather than a DNS issue.
Good luck with it, and with your impressive MinGW tool.
Sincerely,
--James Wing

-- 
Ticket information of MinGW - Minimalist GNU for Windows project
MinGW - Minimalist GNU for Windows Project is hosted on OSDN

Project URL: https://osdn.net/projects/mingw/
OSDN: https://osdn.net

URL for this Ticket:
    https://osdn.net/projects/mingw/ticket/42768
RSS feed for this Ticket:
    https://osdn.net/ticket/ticket_rss.php?group_id=3917&tid=42768

• Previous message (by thread): [MinGW-Notify] [mingw] #43663: %zd and %td support in attribute format printf
• Next message (by thread): [MinGW-Notify] [SCM] mingw-org-wsl (mingw) branch, 5.5-trunk, updated. cf7bdc75e24a873a3dc1c1b14b8e758ddc19fc96
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]