henrypp
Phishing website claiming to be Simplewall
https://www.simplewall.org/ at the end of page, they wrote statements which are all false.
This website is for informational purposes only and is not affiliated with simplewall. For the official simplewall website, please visit https://www.simplewall.org/. We do not host the simplewall software on this website. We only provide information about simplewall. All of the tutorials and articles on this website are written by us. Copyright (C) https://www.simplewall.org/. Warning: Do not copy content unless you have the copyright permission to do so. https://www.simplewall.org/
first sentence wtf?
second sentence, f* lies, on the download page, when you click on "Download" it redirects you to mega.nz which hosts an exe.
What you can do:
report it to their domain registrar, server hosting service and submit their URL to filter lists.
I've compared the sha256 hash of the phishing site's one and the legit one, and they came out to be the exact same file with the hash of "0768e0966b5d0723065a40b272a8f3e6763b918eeb274c4ffa08b54911dd96f8" ("simplewall-3.8.2-setup.exe")
Just to let anyone know who installed simplewall from them that it's safe atleast.
@henrypp cryptographic hashes do not provide authenticity, they provide integrity. Integrity checks are useful to detect corrupted data on-download; it does not protect you from maliciously altered data unless those hashes are cryptographically signed with a key whose private key isn't stored on the publishing infrastructure.
The signature checks out, and it seems the website has been updated, at least it now hosts the file itself https://www.simplewall.org/simplewall-3.8.5-setup.zip The most recent version 3.8.6 isn't there yet though.
But I was actually looking around https://www.privacytools.io/windows and there was a link there to https://www.henrypp.org/product/simplewall which redirects to some thai website https://www.slync.io/ @henrypp, do you still have access to henrypp.org? The javascript looks borked
