I was just browsing the main page and opening different posts, any idea why Bitdefender thinks some pages are suspicious?
The first one with the infected, I think it was a post and it had some pictures, didn’t click on anything, just loaded the post.
I think Lemmy fetches a lot of thumbnails/embeds from the instance where the user who posted the post lives.
And a lot of Lemmy instances are on domains registered like yesterday, in TLDs that are rarely used by companies, and are extremely unpopular websites. You might be the first Bitdefender user to query them.
So Bitdefender sees that you went to one site and immediately started requesting a bunch of weird stuff from a domain you didn’t visit, which nobody else has ever visited as far as they know, and which was registered yesterday out in the boonies of .space or whatever, and decides it must be evil since it’s so dang weird and is exactly what would happen if you were being attacked via some kind of cross-site scripting hole.
It is a worrying trend nowdays to have security software decide that anything it doesn’t know about must be evil. Even Windows will block you from running programs you download that it thinks nobody else has ever downloaded.