Hello. Over the last week, I wanted to try to change my DNS to Cloudflare 1.1.1.1 DNS.
When I clicked on 1.1.1.1 page to download their WARP app, Bitdefender blocked the page, and said it was infected. The malware was Trojan.GenericKD.65820606. It’s the official page however.
Now I’m anxious to use Cloudflare DNS on my router or download the app.
On Bitdefender central page, it says the 1.1.1.1 contains a malware.
I tried Malwarebytes and it didn’t block 1.1.1.1. Windows Security + Microsoft Edge browser didn’t alert me about 1.1.1.1 too.
Weirdly enough, when I try to access Cloudflarewarp page, which is the same page as 1.1.1.1 (I THINK), BitD doesn’t block it or alert me.
So now I don’t know if this is legit or just a false alarm, because I really do want to go back and download the WARP app and change my DNS on the router as well. This is making me question the safety of Cloudflare’s DNS.
This is strange, let me take a look and I’ll circle back.
@ causaluser876 what URL were you on exactly when you clicked the DOWNLOAD button and which of the kits did you try to download?
Not sure why that happened to you, but there is no issue, maybe try to send more details so we can attempt to replicate your steps?
Hello! Thanks for the reply.
So, first I clicked on this page: 1.1.1.1
It’s recognized as an official Cloudflare page (up to my knowledge and also according to Microsoft Edge)
BitDefender immediately blocks it and says it’s a suspicious page and asks me not to enter it. Unless I click on “continue anyway”. The reason for the block is “infected web page” according to Bitdefender. And the malware is named above.
So I clicked “continue anyway” and then the malware named above was downloaded on my device and BitDefender took care of it.
I haven’t clicked on any download button. I just clicked on the page, then insisted on entering it despite BitDefender’s block by clicking “continue anyway”
The page that is CloudFlareWarp is fine and BitDefender does not block it. This page leads me to the same page as 1.1.1.1 to download the app. Although both have different URLs.
I posted on BitDefender community for answers and so far one said it’s most likely a false alarm and him and I submitted the 1.1.1.1 URL to BitDefender’s lap for further investigation.
2 Likes
It won’t allow me to post the exact links.
1.1.1.1 is the link that starts with HTTPS then just 1.1.1.1 (you can see it in the picture attached above)
CloudFlareWarp starts with HTTPS then dot com.
Yeah this is my post 
Sorry for bothering. I just hope everything is fine, especially from your side.
I was pretty anxious about this. Thank you.
2 Likes
