Jump to content
ParapoyaGoy

KIS keeps blocking Amazon, certificate warning.

Recommended Posts

Hi everybody!!

recently, KIS 2017 keeps warning me about ''certificates'' while i surf on AMAZON!!

i use MBAM too aside with KIS, and it keeps blocking amazon as well!!

something is going on with amazon recently, please check it out!!

Share this post


Link to post

I have just tried Amazon and cannot replicate your problem with warnings about certificates. I uses KIS  version 17.0.0.611(g) and have Win7 Home Premium . I am using Google Chrome as my browser. I cannot offer actual advice as to what may be wrong but this indicates that it may not be Amazon per se that is the problem I hope this helps.

mikethebike 

Share this post


Link to post

Many users reported my same problem on the italian forum as well, i'm sorry you couldn't replicate it...

i have your same settings, win7, chrome, kis 17(g)...

 

Share this post


Link to post

I'm having the same problems with connecting to Amazon.co.uk. Actually looking at the certificate, it refers to  *.cloudfront.net  which, when I do a whois, is registered to Amazon.com!!  So it appears that the checks being done by the KIS are too simple minded, or am I totally wrong about this?  Incidentally, it isn't only amazon.co.uk that is affected. A recent change to the code that checks certificates perhaps?

To replicate this on amazon.co.uk , search for 'firewall' and it should give the bad certificate pop-up. Then use the pop-up to examine the certificate. 

Please, Kapersky, fix this asap - false alarms will lead to turning the alarms off, and that can be dangerous.

JimG666  

Edited by JimG666
To give an example which throws up the problem.

Share this post


Link to post
2 hours ago, JimG666 said:

To replicate this on amazon.co.uk , search for 'firewall' and it should give the bad certificate pop-up. Then use the pop-up to examine the certificate. 

Please, Kapersky, fix this asap - false alarms will lead to turning the alarms off, and that can be dangerous.

JimG666  

Thanks. I followed your instructions and yes I can now see  the pop-up which says it cannot guarantee authentication etc. If I understand the remit and power of this forum however, it cannot fix anything in the sense you mean it so a plea on the forum to fix the problem will have no effect. Fixing the issue lies within K's remit only and presumably the Klab has to be contacted. It may not even know there is a problem?

mikethebike 

Share this post


Link to post
40 minutes ago, mikethebike said:

Thanks. I followed your instructions and yes I can now see  the pop-up which says it cannot guarantee authentication etc. If I understand the remit and power of this forum however, it cannot fix anything in the sense you mean it so a plea on the forum to fix the problem will have no effect. Fixing the issue lies within K's remit only and presumably the Klab has to be contacted. It may not even know there is a problem?

mikethebike 

Thanks Mike. This part of the forum seems to have many similar complaints to those covered by the main submitter and me, but I see your point and will communicate directly with KLab as suggested.

JimG666

Share this post


Link to post

Right. So in order to have a temp relief please switch off SSL scanning until Amazon can have their things in order and fix the mismatches of their certificates on their end. There is not much you can do from your end.

Share this post


Link to post

Hello guys, listen:

not only KIS 2017 is warning me about ''invalid certificates'' while i'm on AMAZON, like you said above, but even Malwarebytes (that i use alongside with KIS) yesterday blocked amazon as a malicious website containing malicious stuff.

i went on mbam forum, asking the staff the same i asked here: they told me it blocked amazon since it was related with IPs used by a ransomware called ''CERBERUS C2''.

on top of all this, clearly amazon is having problems. how can, a famous website like amazon, be spreading ransomware on its platform? it's illegal. why isn't kaspersky aware of this? they should know. how do we get in touch with them?

 

Share this post


Link to post

so  it's dangerous open Amazon? Kis2017 has the certificaste warning but if there is a ransomware or virus problem with Amazon Kis block them?

Share this post


Link to post

Hi as well,,

No, Amazon.com web site online is ok to use, even though SSL scanning is turned off randomly for short period, Kaspersky is still scanning the browser URL.

3 hours ago, mary7 said:

so  it's dangerous open Amazon? Kis2017 has the certificaste warning but if there is a ransomware or virus problem with Amazon Kis block them?

 

Share this post


Link to post
1 hour ago, kojo+oi said:

Hi as well,,

No, Amazon.com web site online is ok to use, even though SSL scanning is turned off randomly for short period, Kaspersky is still scanning the browser URL.

 

i might trust you, but why both kaspersky and malwarebytes (i use them both) blocked amazon as malicious?  if more antivirus are warning the same website, truth or not, amazon is having something not ok at the moment..

Share this post


Link to post

Okay not sure why, there must be something  wrong at your end?

I have never had any security issues with certificates with Amazon "ever"

But it can happen so maybe like Wizard said also you need to do some tweaking with your computer settings>>Kaspersky network settings>>plus Malwarebytes.

Share this post


Link to post

Well kaspersky doesn t block Amazon has malicious in my case, It advice with "cannot guarantee authenticity of The domain To wich encrypted connection is established"

Url: g-ecx.images-amazon.com 

And It appears with The browser that I use,  Firefox And Chrome also

Screenshot_1.jpg.5fe5984e2fe68e62f12f3cf161141075.jpg

Edited by mary7

Share this post


Link to post
50 minutes ago, kojo+oi said:

Okay not sure why, there must be something  wrong at your end?

I have never had any security issues with certificates with Amazon "ever"

But it can happen so maybe like Wizard said also you need to do some tweaking with your computer settings>>Kaspersky network settings>>plus Malwarebytes.

it can't be on my end.

i've got this same problem on multiple computers, and many users as well, on this forum, are reporting the same problem

Share this post


Link to post
9 hours ago, ParanoiaBoy said:

it can't be on my end.

i've got this same problem on multiple computers, and many users as well, on this forum, are reporting the same problem

Just to clarify my reply. What Mary7 has said reflects my findings as well. I need to make it clear that KIS in my case is not blocking Amazon. I can still use it. I simply have to decide whether to disconnect or stay connected, bases on the KIS warning as per Mary7's post. In fact if I had not done as you said  and put firewall into the search I would not have known of the KIS certificate authentication warning.

 

mikethebike

Share this post


Link to post

Do not understand all the panic to be honest with you. Nothing is being blocked, just a small warning that a certificate they installed does not match the domain name that they use. I know for a big company such a blip is significant, but until they fix it up on their end there is nothing you can do to be honest.

Share this post


Link to post

Also,

Isn't this also the symptom of a Man-in-the-Middle attack? The certificate does not match the site. I would not enter any passwords or credit card numbers on such a link.

Share this post


Link to post
On 17/9/2017 at 1:51 AM, mikethebike said:

Just to clarify my reply. What Mary7 has said reflects my findings as well. I need to make it clear that KIS in my case is not blocking Amazon. I can still use it. I simply have to decide whether to disconnect or stay connected, bases on the KIS warning as per Mary7's post. In fact if I had not done as you said  and put firewall into the search I would not have known of the KIS certificate authentication warning.

 

mikethebike

maybe i wasn't clear:

-Malwarebytes' software blocked amazon as a malicious website(and the malwarebytes forum support told me the ip blocked on amazon was used for a ransomware named Cerberus C2)

-KIS gave me the same ''invalid certificate'' warning you all had

P.S. can some expert here explain me, since i'm not tech savvy, what is this invalid certificate about? thanks

Share this post


Link to post
On 2017-09-18 at 9:03 AM, Whizard said:

Do not understand all the panic to be honest with you. Nothing is being blocked, just a small warning that a certificate they installed does not match the domain name that they use. I know for a big company such a blip is significant, but until they fix it up on their end there is nothing you can do to be honest.

 

Share this post


Link to post

Hello!

The issue can be overrided with exclusion for this domain (Settings - Additional - Network - Manage exclusions) in 2018 products.

Enter there the exact name of the domain: i,e 

g-ecx.images-amazon.com

 

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.