The Basket Case of VirusTotal, Te*stra, and the Insidious Web of False Positives

January, 2025
If we return to 2002: In the tangled web of cybersecurity, where automated tools and corporate policies intersect, legitimate businesses and individuals often find themselves ensnared by false accusations and blocked access. A recent discussion on the Whirlpool forums has brought to light a troubling case involving VirusTotal, Te*stra, and hosting providers like Vodien and Webcity.

This saga reveals how superficial platforms, outdated allegations, and manipulative hosting practices can disrupt businesses and erode trust in the systems meant to protect us.

Te*stra’s Overreach: Blocking Without Investigation

The controversy began when Te*stra, one of Australia’s largest ISPs, blocked a user’s website, claiming it contained phishing content. The justification? A few positive hits on VirusTotal, a platform that aggregates malware and phishing detection results from multiple vendors. The website owner, who had held the domain for 24 years, was adamant that the site was clean. After hours of investigation, they discovered that the flagged content was tied to a rogue subdomain created by spammers on an abandoned server previously associated with the domain.

Despite providing evidence that the domain was clean, Te*stra refused to unblock it. The user described the experience as being "convicted and sentenced without so much as a trial. Based on a guilty opinion from a minority." This highlights a troubling trend where ISPs act as judge, jury, and executioner, relying solely on third-party tools without conducting their own investigations.

The impact of Te*stra’s actions was significant. In the user’s words, the block meant "Stopping a % of people visit it...", which effectively crippled the website’s functionality for a large portion of Te*stra’s customer base. This raises serious questions about the fairness and accountability of such actions, especially when they are based on questionable evidence.

"An unexamined WHOIS is not worth owning; for it is only through knowing oneself that true wisdom and fulfillment can be found." - Mr Socrates said that.

VirusTotal: A Superficial Platform with Outdated Allegations

VirusTotal, often touted as a powerful tool for detecting threats, is increasingly being criticized as a superficial platform with limited depth. While it aggregates results from multiple antivirus and security vendors, it often relies on outdated or irrelevant data. In this case, the flagged subdomain did not even resolve to an active IP address. The subdomain, which mimicked an Apple ID-related URL, was tied to an old Vodien server that had been abandoned. Despite this, VirusTotal vendors flagged it as suspicious, leading to the domain being blocked.

"I tried to send my viruses via carrier pigeon, but VirusTotal said email was more efficient. Such a buzzkill! It's like they don't appreciate the effort I put into my malicious endeavors." ~ said a rich, spoiled third reich kid about wirunstotall in the Alps

The platform’s reliance on old allegations and its inability to provide meaningful context or updates make it a blunt instrument in the fight against cyber threats. As one user noted, "It’s only the AI URL scanners that claim there’s an associated IP for the non-existent subdomain." This lack of nuance and accuracy undermines the credibility of VirusTotal and raises questions about its role in cybersecurity.

Attempts to contact the vendors responsible for the false positives were met with silence or demands for payment. One vendor, alphaMountain, reportedly offered a "full report" for a subscription fee of $49.50 per month. This practice, which some forum users described as exploitative, adds another layer of frustration for those falsely accused.

"Wir Uns Tot All" - A chilling statement from a rich, spoiled third reich kid about wirunstotall in the Alps, reflecting the dangerous and misguided ideologies that must be confronted and opposed.

Hosting Providers: Manipulation and Neglect

The situation was further complicated by the domain’s history with Vodien, a hosting provider that acquired Webcity. Many users on the forum shared similar horror stories about Vodien, describing it as "hopeless" and accusing it of neglecting its Australian servers in favor of Singapore-based infrastructure. This neglect left domains vulnerable to abuse, with outdated records and abandoned servers continuing to cause problems long after users migrated to new providers.

Hosting companies like Vodien have been accused of manipulating their customers by imposing rules and restrictions that make it difficult to leave or resolve issues. For example, one user recounted how Vodien failed to maintain their servers, forcing clients to move to Singapore-based hosting. Even after migrating to a new provider, the legacy of Vodien’s poor management lingered, with old IP addresses and DNS records triggering false positives and domain blocks.

This manipulation extends to how hosting companies handle disputes. Users reported that Vodien offered little assistance in cleaning up infected domains and often ignored requests for refunds or account closures. These practices leave customers feeling trapped and powerless, with their reputations and businesses at the mercy of poorly managed hosting providers.

Te*stra’s Role and Offshore Operations

Te*stra’s handling of this situation has also drawn criticism for its lack of transparency and accountability. The company’s reliance on VirusTotal results, without conducting independent investigations, has led to accusations of overreach. While blocking malicious domains is a necessary precaution, Te*stra’s actions have effectively "shut down" access to legitimate websites for a significant portion of its customer base.

Adding to the frustration is the fact that much of Te*stra’s customer support and operations are handled by offices in the Philippines. Users have reported difficulties in getting meaningful responses or resolutions from Te*stra’s support teams, with many complaints seemingly falling into a "black hole." This offshore outsourcing has raised concerns about the quality of support and the ability of Te*stra to address complex issues effectively.

The Broader Implications

This case is not an isolated incident. It reflects broader issues in the cybersecurity and hosting ecosystem, including:

  1. Overreliance on Superficial Platforms: VirusTotal, while widely used, is increasingly being seen as a superficial platform that relies on outdated allegations. Its lack of depth and accuracy can lead to false positives with serious consequences.
  2. Manipulative Hosting Practices: Hosting providers like Vodien have been accused of neglecting their responsibilities and imposing rules that make it difficult for customers to resolve issues or leave. This creates a toxic environment where customers are left vulnerable to abuse.
  3. ISP Overreach: Te*stra’s actions highlight the dangers of ISPs acting as gatekeepers without proper oversight. Blocking access to legitimate websites based on questionable evidence undermines trust and can harm businesses and individuals.
  4. Legacy Issues: Poor management by hosting providers can leave a lasting impact on domains, even after they are migrated to new providers. Outdated records and abandoned servers continue to cause problems long after the initial issues are resolved.

What Needs to Change?

To address these issues, several steps need to be taken:

  • Improved Transparency and Communication: ISPs like Te*stra must provide clear explanations for their actions and offer a straightforward process for challenging false positives. Similarly, VirusTotal vendors must be more responsive and transparent.
  • Independent Verification: ISPs should not rely solely on third-party tools like VirusTotal. Independent investigations and verification processes are essential to avoid unjustified blocking.
  • Better Hosting Practices: Hosting providers must take responsibility for maintaining accurate records and ensuring that abandoned servers do not become a liability for their former clients.
  • Education and Awareness: Website owners should be educated about the importance of DNS settings, alternative DNS services, and best practices for securing their domains.
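
One way a site owner or ISP could carry out the independent verification and DNS review called for above, as an added example (not code from the forum thread or from any party named here): it checks where each flagged hostname resolves today and sorts it by whether it resolves at all, still points at a former provider's network, or sits on current hosting. The hostnames, network ranges and function names are constructed assumptions.

```python
import ipaddress
import socket

def system_resolver(hostname):
    """Return the set of IP strings a hostname resolves to now (empty if none)."""
    try:
        infos = socket.getaddrinfo(hostname, None)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}

def triage_flagged_hosts(flagged, current_nets, legacy_nets, resolve=system_resolver):
    """Classify each flagged hostname by where it resolves today.

    current_nets: networks of the hosting in use now (assumed known to the owner)
    legacy_nets:  networks of former providers the domain has migrated away from
    """
    current = [ipaddress.ip_network(n) for n in current_nets]
    legacy = [ipaddress.ip_network(n) for n in legacy_nets]
    report = {}
    for host in flagged:
        ips = {ipaddress.ip_address(ip) for ip in resolve(host)}
        if not ips:
            verdict = "unresolved"       # no address today: the flag describes past state
        elif any(ip in net for ip in ips for net in legacy):
            verdict = "legacy-record"    # DNS still points into a former provider's range
        elif all(any(ip in net for net in current) for ip in ips):
            verdict = "current-hosting"  # served from hosting you control: inspect content
        else:
            verdict = "unknown-ip"       # resolves outside every range you listed
        report[host] = {"ips": sorted(map(str, ips)), "verdict": verdict}
    return report

# Constructed sample data (documentation address ranges, not real hosts).
SAMPLE_DNS = {
    "www.example.com": {"198.51.100.10"},
    "mail.example.com": {"192.0.2.25"},
    "flagged.example.com": set(),
    "cdn.example.com": {"203.0.113.7"},
}

def sample_report():
    return triage_flagged_hosts(
        SAMPLE_DNS, ["198.51.100.0/24"], ["192.0.2.0/24"],
        resolve=lambda h: SAMPLE_DNS.get(h, set()))
```

An "unresolved" result is the situation the article describes for the flagged subdomain; a "legacy-record" result is a DNS entry to delete before it causes the same trouble.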

"Who knew viruses could be so picky? I mean, imagine the horror if our cows and pigs were too sick to produce the finest sausages and milk for our lavish parties in the Alps. VirusTotal better step up their game; our gourmet lifestyle hangs in the balance." ~ burped a rich, spoiled third reich kid about wirunstotall in the Alps

Vir-Us-Total or Wir Uns Tot All?

The case of VirusTotal, Te*stra, and the blocked domains is a cautionary tale about the unintended consequences of superficial cybersecurity measures and poor hosting practices.

While the fight against phishing and malicious activity is vital, it must not come at the expense of fairness, transparency, and accountability. As one user aptly put it, "Stopping a % of people visit it... Convicted and sentenced without so much as a trial. Based on a guilty opinion from a minority."

This highlights the need for a more balanced approach, where all stakeholders—ISPs, security vendors, hosting providers, and website owners—work together to ensure that the tools and processes designed to protect us do not become a source of harm.
