Opened 4 years ago
Closed 4 years ago
#12385 closed Bug report (rejected)
Remove Virus infected versions from download section
| Reported by: | chuckthetekkie | Owned by: | |
|---|---|---|---|
| Priority: | low | Component: | Other |
| Keywords: | Virus, Malware | Cc: | chuckthetekkie |
| Component version: | Operating system type: | OS X | |
| Operating system version: | macOS 10.15.7 |
Description
You still have Virus infected versions on your servers. Please remove them as my favorite Mac updating app will not allow FileZilla to be checked for updates as you've been known to distribute malware in the downloads. These infected downloads are still present on your servers.
Attachments (1)
Change History (9)
comment:1 by , 4 years ago
| Priority: | critical → low |
|---|---|
| Resolution: | → rejected |
| Status: | new → closed |
comment:2 by , 4 years ago
It's not a false positive. All of the files that say "Sponsored-Setup" contain malware. Everything else doesn't. Even Apple's own malware software says it contains malware.
comment:3 by , 4 years ago
| Priority: | low → critical |
|---|---|
| Resolution: | rejected |
| Status: | closed → reopened |
by , 4 years ago
| Attachment: | Screen Shot 2021-02-09 at 9.22.56 AM.png added |
|---|
comment:4 by , 4 years ago
| Priority: | critical → low |
|---|---|
| Resolution: | → rejected |
| Status: | reopened → closed |
That's a false-positive. You need to report it to your AV vendor.
comment:5 by , 4 years ago
| Priority: | low → critical |
|---|---|
| Resolution: | rejected |
| Status: | closed → reopened |
This is not a false positive. The infected version install malware on the computer. All the files that have "Sponsored-Setup" do this. "https://download.filezilla-project.org/client/" contains several files with "Sponsored-Setup" in them. Every single one of them installs malware. These files do not have the "filezilla" executable in them. They have a "scissorsbird" executable in them which contains the malware. Why do you keep denying that they contain malware?
comment:6 by , 4 years ago
| Priority: | critical → low |
|---|---|
| Resolution: | → rejected |
| Status: | reopened → closed |
It's not a virus, you need to report this false-positive to your AV vendor.
If someone proclaims the software to be malware, the onus is onto the claimant to explain in detail why it is malware.
There's a reason we stopped burning people at the stake merely because someone decried "Witch" in public.
comment:7 by , 4 years ago
| Priority: | low → critical |
|---|---|
| Resolution: | rejected |
| Status: | closed → reopened |
The "Sponsored-Setup" files install hard to remove adware. If this was really a false positive then why haven't any anti-virus companies have fix it? It's been classified as malware for years now when you started bundling adware into the setup.
comment:8 by , 4 years ago
| Priority: | critical → low |
|---|---|
| Resolution: | → rejected |
| Status: | reopened → closed |
There is nothing wrong with the offer-enabled installer, it only presents an offer during installation and ask the user ifs he wants the offered software. At no point is anything installed the user doesn't agree to. No different than a vendor offering you his wares as you stroll over the farmer's market.
Crying wolf is in an AV vendor's best interest. The more they cry, the more uneducated users feel protected and think their purchase is justified.
You need to report this false-positive to your AV vendor.