Jump to content
FxJ

FileZilla malware included Lavasoft Web Companion

Recommended Posts

http://www.pandasecurity.com/mediacenter/malware/careful-filezilla-malware-imitates-perfectly/

https://filezilla-project.org/
https://filezilla-project.org/download.php?type=client
https://filezilla-project.org/download.php?show_all=1

There is something really suspicious going on with FileZilla all versions and the portable too are compiled on x86_64_unknown-linux-gnu

 

http://www.filezillasecure.com


Alternative 

Edited by celee
changed last link to code text

Share this post


Link to post
Share on other sites

FileZilla.Org  is the official site along with with their presence on SourceForge.

I do not know hat the other Domain is but it is not the place to obtain FileZilla Server or FTP Client and that domain was created less than a year ago.

 

 

Share this post


Link to post
Share on other sites

NOTE:  FileZilla.Org is not the URL, it is just a shorthand notation.  I can see how that may present confusion.

The official URL is https://filezilla-project.org/   It is the "other" URL, you provided, that presents a risk.

 

Edited by David H. Lipman

Share this post


Link to post
Share on other sites

malware-filezilla.jpg

 

Check about section.
Now installer adds "Lavasoft Web Companion"

Share this post


Link to post
Share on other sites

From;  https://filezilla-project.org/  

It is an Open Source project.  As such one can obtain the source code and tweak it.  The FTP Client is v3.24 compiled January 2017, at https://filezilla-project.org/  not v3.7x compiled in 2013.

Always get software from the source and not third parties.

 

Spoiler

Image1.jpg.9c044a94c9fdb4ecc20ba9a9a22bcae5.jpg

 

Share this post


Link to post
Share on other sites

maybe this helps--- on the "official" filezilla site, they have this nice, shiny download button...(see pic)

that seems to download some virus/bs laden version that MWB flags as malware...

...instead, click "other download options" below it and get THAT version...which appears "clean"

InkedCapture_LI.thumb.jpg.d1b18adb5f9e51c34c46d273283fb775.jpg

Share this post


Link to post
Share on other sites
Posted (edited)

Yes, agreed - and it does say so right below that big green button

The BAD Link DO NOT DOWNLOAD currently is:
This installer may include bundled offers. Check below for more options.

https://download.filezilla-project.org/client/FileZilla_3.42.1_win64_sponsored-setup.exe

Sadly, the filezilla website seems to block the direct download links if not used on their site.

FileZilla Client

Show additional download options

Windows (64bit)
FileZilla_3.42.1_win64-setup.exe (recommended)
Size: 7926824 bytes
SHA-512 hash: 74eaca78fb100c2a752a5d40a85f6dfd4c717b9475acf2e10e8247a7302c8e7cb7980e4e22a15eaa6c7a6a257bca074172df085bc445538f4c23fd1e736f0d6e
https://dl3.cdn.filezilla-project.org/client/FileZilla_3.42.1_win64-setup.exe?h=srMBCnZFkyz3miMohz50DA&x=1561014558

FileZilla_3.42.1_win64.zip
Size: 11367476 bytes
SHA-512 hash: ed9b5c24be068fc2ee1a173afd87698ce886d609b8f2f2eb2b47972c82c966529f99cd3a89ab0e8af2484ff1e9ad43882334c17fb82099bdaa74e296b67d9372
https://dl3.cdn.filezilla-project.org/client/FileZilla_3.42.1_win64.zip?h=AdV5FSjnjeTsdnn5Lu4UAw&x=1561014558


Windows (32bit)
FileZilla_3.42.1_win32-setup.exe (recommended)
Size: 7904160 bytes
SHA-512 hash: fd52c4b95d014b6b2b260532bce8e2db12aa880c1ffb829f3766e6968b1d229c4ccdda3301744102eeccdffe342427c047bed2dac60130a6f00b1769d4a54774
https://dl3.cdn.filezilla-project.org/client/FileZilla_3.42.1_win32-setup.exe?h=vGDfX7lE7dqYQH_AbXe8_A&x=1561014558

FileZilla_3.42.1_win32.zip
Size: 11782014 bytes
SHA-512 hash: 92c744d74ef0e75b1635f71784a62ff773c680e3c8105735a4be3c1a5e272eff48c207eb8832a0283e748e631ab12ff983c70de3e9b7e6cb54773f00e75af5a4
https://dl3.cdn.filezilla-project.org/client/FileZilla_3.42.1_win32.zip?h=mAGfi-Nk2x0wrcwKxcbviA&x=1561014558


Mac OS X
FileZilla_3.42.1_macosx-x86.app.tar.bz2
Size: 9895482 bytes
SHA-512 hash: 5044105c5af9b4689aaec82f4c67d8188c929b3a5751e42a630fcd138c207b6c5869e3f751f9f9c5fefdb1756f6650c71f9bc7e14f3a22af714fd6defd15bd63
https://dl3.cdn.filezilla-project.org/client/FileZilla_3.42.1_macosx-x86.app.tar.bz2?h=1yRfxtpIC7G76qhmJLZ0oQ&x=1561014558

 

Edited by AdvancedSetup
updated information

Share this post


Link to post
Share on other sites
Posted (edited)

 

http://www.filezillasecure.com

 - alternative (only source code).

Edited by AdvancedSetup
Removed live hyperlink

Share this post


Link to post
Share on other sites
Posted (edited)

This link should be fine.  It has the direct download links for all available versions along with their hashes and a link to the source code:

https://filezilla-project.org/download.php?show_all=1

I'm not sure about the filezillasecure link, but I'm sure it's probably just some paid affiliate site looking for SEO/ad money (and they even say they had to pull everything except the source code from their site due to copyright claims from the official Filezilla Devs:

Due to FileZilla requesting that any unauthorized use of its registered trademark cease, only the source code download is available at this time.

Edited by exile360

Share this post


Link to post
Share on other sites

I believe you can still get it with Ninite stripped of the junk.

Just installed it with a Ninite installer and achieved a clean scan with MB.

 

2019-08-08_09h20_44.png

Share this post


Link to post
Share on other sites

Just get it from the official site, i think i pressed the green download button earlier, i saw it was downloaded from the official domain, actually i don't care about the bundled offers, Filezilla is a legitimate program, they won't install it for you without your permission. If people would just stop seeing software installs on Windows as a just click Next, Next, Next as fast as possible competition, they wouldn't have any problems with this. I don't have any problems with them making money from bundled offers. Tim Kosse (the developer) is offering you very high quality software for 100% free. I fully back his right to do that.

Does Malwarebytes even flag Lavasofts Web Companion? Isn't Lavasoft the developer of Ad-Aware? A popular antispyware program back in the days. I don't think they would do anything very bad at least, but if it's a PUP i understand. Or rather an ACUP (Almost Certainly Unwanted Programs).

Share this post


Link to post
Share on other sites
13 minutes ago, Living_Computer said:

 If people would just stop seeing software installs on Windows as a just click Next, Next, Next as fast as possible competition

Good luck with that one.

 

roflmao2.gif

Share this post


Link to post
Share on other sites

By the way, speaking about Ninite, i know what it is but i don't really use it that much (i almost never have to reinstall anyway).

Is it even possible to get crapware from Ninite? Since you said "i believe".

Just asking.

I thought it never gave you crapware.

Share this post


Link to post
Share on other sites
18 minutes ago, Living_Computer said:

I thought it never gave you crapware.

It does not. I just was not sure it was still offered. Ninite has removed much of the previously offered free apps from its free site.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.