Hot Take Hibit Uninstaller fake website

Kaspersky's response to visiting this site:

1783193760111.png
 
I posted this a few days back in the HiBit Uninstaller thread.
The hibitsoft.ir website doesn't appear in DuckDuckGo Search for me; it lists hibit-uninstaller.com when I search for "hibitsoft." The download from hibit-uninstaller.com leads to direct-download.giize.com, which Cloudflare Gateway DNS blocks as malware. I submitted hibit-uninstaller.com through my Cloudflare account to categorize it as brand embedding and malware.
Cloudflare Zero Trust DNS
scr.png
 
1-hibit-uninstaller.com.jpeg
2-direct-download.giize.com.jpeg

For anyone interested, these screenshots are from my own test.
The first shows the main page of hibit-uninstaller.com, which at first glance appears legitimate and doesn't trigger any warning when accessed.
However, clicking the download button redirects to direct-download.giize.com, which NextDNS blocks because it is categorized as a Dynamic DNS Host. While Dynamic DNS services are not inherently malicious, they are commonly abused in malicious campaigns, so security services often treat them with extra caution.
In this case, the blocked download is consistent with what other members have already reported using Cloudflare Gateway, ESET, and other security products. It also illustrates that a website's landing page may appear harmless while the actual download infrastructure is what raises the security concerns.
I would avoid downloading it directly and instead look for the software through trusted repositories or other verified sources. 🔒🧩