Bitninja – is it legit?

Does anyone know if Bitninja is a legitimate service? They purport to provide security services. I recently got an email from them with a link to some supposedly bad URLs that prove that a PC has malware. I’m a little skeptical. To get full details I have to pay. To request a delisting I have to pay.

To me it smells like some of those thinly veiled extortionist schemes that I come across in the mail world.

The particulars in this case consist of stripped access information (I can’t think of any good reason to strip some of the most useful information away) which look like this:

Bitninja stripped listing

Bitninja stripped listing

There is only one thing in my logs that that could be. They got the time very wrong. The host is www.casarivercentury.org. It kind of looks like it may be a honeypot that they managed to sneak by Google and enticed some unlucky souls to use. Or not.

Or maybe I’ve got it all wrong. Does anyone else have experience with them?

This entry was posted in Admin and tagged . Bookmark the permalink.

20 Responses to Bitninja – is it legit?

  1. George says:

    Hi,

    I am George from Bitninja. I can assure you about our service is fully legitimate, tough our reports confuse people sometimes. I would like to clarify some aspects of our service. Our clients use bitninja to protect their servers against many threats like e-mail harvester robots, automatic forum spammers, botnets trying to expand or attack, brute force password hacks, etc.

    In the meantime we collect information from the suspicious connections, store it and report back to the owner of the IP. That’s how you got our Incident Report e-mail.

    Of course you can write us to stop sending you such reports and we put your IP on our ignore list for free so you won’t get any more emails. You can also ask us about details of the reports, an we will also provide it for free of charge. We also help people to understand our reports better and to solve their security issues if they have any.

    why we cover the important parts? Our clients asked us not to publish full logs as these can hurt. Every user of us can decide how much information they are willing to publish in our reports so we must respect this and cover part of the reports. But if you write us a mail, we can send you the uncovered logs.

    So if you need deeper info, just send us a mail, and we will be happy to help you!

    I hope that helped you to better understand our service.

    Best Wishes,
    George from BitNinja.IO

    • john says:

      Do you have any relation to WebIron? Because around the same time I saw essentially similar messages from them. They also seem to be a new service, probably doing similar things.

      As for getting the details, I’ll give it a shot.

    • Meliss Wright says:

      Can you please stop sending this fake emails. This is really annoying. I am using a link building software on my vps and I keep getting this emails from you. The Vps owner company have scanned by vps twice already because of you, result with 0 threats. I do everything on private anonymous proxies still they have my server IP which is strange. Stop annoying people for some clients. http://image.prntscr.com/image/991b32cf0cda4caaad3a7352f00e630f.png

  2. Gogou says:

    @Bitninja : could you please stop your annoying emails, you are a spammer too which is trying to promote your product

  3. kazy says:

    yea @Bitninja, stop sending those stupid emails, we already blocked you and we will report. We never have asked you to send them

  4. omar says:

    Do not install bitninja. They spam you endlessly (no unsubscribe link in most of their emails). I asked them to confirm that when I uninstall it they don’t leave any traces behind on the server, they never replied, just continued asking me to upgrade to a paid plan.

    Avoid like the plague.

  5. George says:

    Hi all,

    We send our reports behalf of our clients. If there is no malicious activity from a server we never send any report. Please take the necessary steps to clean your servers so we can stop sending the reports. Our reports are quite handy to help you to trace down the infected users/websites too, and obviously bitninja is an easy to user all in one kind of security tool to address server security issues. We have created some documentation to help you trace the infected users. Please feel free to use these resources: http://doc.bitninja.io/outgoing_detection.html

  6. Larry says:

    1. These guys have my residential IP on their blocklist.
    2. An IP that hasn’t been in use for 8 years is blocked. It’s still not in use.
    3. They told me I had to pay to get full report details.
    4. A legitimate email was caught in their “Honeypot” – This was a password reset email.
    5. Dozen other things. Review coming soon on my experiences.

    I’d say these guys are a sham. Left them a disgruntled voicemail. They seem like they legitimately want to do “Something” – as to what, I don’t know. Amateurs.

    @George, get ready for some damage control. You’ve effectively wasted 2 hours of my life investigating false positives and cryptic reports. You’re in charge of reputation management I’d assume, otherwise you wouldn’t be on this site.

  7. Konrad says:

    Ive also see only false positives in reports from bitninja.

  8. Bitninja Is A Scam says:

    Hello,

    Any list that requires payment to delist is by definition a scam.

    There’s no unlist/remove and every time yo uwere contacted you requested money.

    You are, by definition, scam artists. I hope you die a horrible death which I can’t describe here.

  9. Yannis says:

    Bitninja is a legitimate and quite well working server security service, which we have been using for more than 3 years now.
    Just visit their website to verify this.
    Some people are too easily offended and judgemental as I see.

    • Bitninja Is A Scam says:

      Pay me or stay listed is not legit; it’s the way scammers operate. These people spam, scam, and you trust them with your security? Eek.

  10. Jamie (the grumpy one) says:

    Bitninja are scam artists. I am leaving Hostinger because they are using Bitninja who are costing me customers. They have even blocked me, the owner of the VPS and I have to apply to access my own VPS! Customers do not want to deal with scam artists like this and just move on to the next site. Avoid all contact with such companies and avoid companies that use such people.

    • Sandor K says:

      …because your VPS were infected. …and VPS providers and “Customers do not want to deal with” owners of infected VPS renters.
      Bitninja is a legitimate company with well working server security technology. I can recommend to everyone!

  11. LJ says:

    Having read through this reddit page: https://www.reddit.com/r/sysadmin/comments/384q3b/my_server_was_just_suspended_because_of_a/
    And then finding out how deep you actually would need to look for the possible issue the bitninja is reporting you as malicious (down to the closing comment on the reddit page) makes me wonder how many pretentious asshats are in this discussion, with shallow knowledge at best…

  12. Ricardo says:

    Their detection methods are spurious at best.

    – Alternating user agent? Your ISP is emailed. You are ‘attacking’ their server
    – Visiting your own site too much? Your ISP is emailed. You are ‘attacking’ their server
    – They server 200 responses, hijack content and serve a bitninja captcha page whenever they see fit. This is a totally inappropriate response.

    The worst part about their service is their choice of wording to other providers. They can make their false positives sound like you’re breaking the law. They are overly aggressive at blocking user agents (such as majestic’s international scale web crawler), and generally are overstepping their remit with regards to server security and freedom to use your own purchased service.

    I am hopeful that the ‘service’ is contained to within

  13. Jimmy says:

    I love how bit ninja’s team is so crack on top of stuff they were the first to reply to this post. I use them on my server., saves me so much headache to not only know., but to see what is going on. if the server i restart it., i get an e-mail from the the second it happens. If you install it on your server and don’t even pay for it., it’s worth FREE but do consider paying them to monitor and help because it’s worth the money just not worth security 25 servers at $30 an month unless you got clients like that on you server.

  14. Jody says:

    One of our clients uses exchange on a small business server. Their ISP forwarded an e-mail from bitninja re greylisting. There was an issue on the exchange server which was remediated by Symantec technical support. (This client had just purchased the Symantec e-mail suite because of the increased threat level.) We know the server is clean. Bitninja admits there have been no more incident reports, BUT (first big but), they will not remove the greylisting for a MONTH. BUT (second big but), they will remove the greylisting IMMEDIATELY if you will purchase and install their software. I call this unethical. A form of blackmail. I can understanding waiting a bit to remove the greylisting, but a month is way beyond reason, especially combined with “buy our software and we’ll remove the greylisting now”.

    • john says:

      Thank you for that anecdote. That is disturbing behavior and, indeed, unethical. I never took it that far. So now we see their true colors…

Leave a Reply

Your email address will not be published. Required fields are marked *


five + = 8