Opened 3 years ago

Closed 3 years ago

#11355 closed Bug report (rejected)

Product Site's Bundled Installer download file has Adware.OSX.Spigot virus

Reported by: Yumac Owned by:
Priority: normal Component: FileZilla Client
Keywords: product site, virus, Adware.OSX.Spigot, Cc:
Component version: 3.27.0.1 Operating system type: OS X
Operating system version: 10.11.6 (15G1611)

Description

I had updated FileZilla when it was released on 19 July but it was through the Update Check within the running FileZilla. No virus was flagged with that installer. Yesterday (August 3) I downloaded FileZilla again to be sure I had the latest version and my virus checker identified the installer as having a virus in it.

This time, I downloaded the file from the FileZilla website. I didn't expect to get a virus from the product website. My virus checker, ClamXAV, flagged this installer as having a virus. The two installers must have come from a different source. The installer from https://filezilla-project.org/download.php?type=client, was flagged by ClamXAV as:
File Name Infection Name Status
/Users/cinzia/Downloads/FileZilla_3.27.0.1_macosx-x86_setup_bundled.zip Adware.OSX.Spigot
Status: I trashed that installer. The file that downloaded was https://download.filezilla-project.org/client/FileZilla_3.27.0.1_macosx-x86_setup_bundled.zip. The page had a line just below the download link: "This installer may include bundled offers." This can be acceptable but not if it includes a virus in it also.

Next, I tried downloading the installer from SourceForge at https://sourceforge.net/projects/filezilla/files/ and got a clean installer: Download FileZilla_3.17.0.1_macosx-x86.app.tar.bz2 (7.6 MB). It was not flagged as having a virus.

Whether the installer has a virus or not depends on the source of the downloaded file. Clean installers are from within the running FileZilla Update and from SourceForge. The FileZilla product website provides an installer with a virus. That needs to be cleaned up or point people to other download sites for the OS X system that don't provide an installer with the virus. There was a link on the page for More Options but they were for different operating systems.

Change History (1)

comment:1 Changed 3 years ago by Tim Kosse

Resolution: rejected
Status: newclosed

It is a false-positive, there is no virus in the installer. The offer-enabled installer is entirely harmless, it does exactly as instructed by the user.

Note: See TracTickets for help on using tickets.