Jump to content

Recommended Posts

Downloaded Malwarebytes 3.7 this morning, 2/23/19.  FileZilla app is now blocked.  It does not matter what version of FileZilla.  Malwarebytes blocks them all.

I am out of business now it seems.

Version before 3.7 was not blocking FileZilla.  Why is this one?

What is a good alternative to FileZilla if there is a real threat?

Link to post
Share on other sites

Hello @MeCems74 and :welcome:

With the update of Malwarebytes for Mac 3.6.21 > 3.7.30, the App Block feature was introduced.

The v3.40.0 client of FileZilla's disk image file returns the following VT analysis:

https://www.virustotal.com/en/file/3ff81c70dcf11ed18d11e47913655d44aa7d258ec83a0cb8cf987a652705cb43/analysis/

From the Malwarebytes for Mac pull-down menu bar icon, Stop App Block could be selected and similarly so from the Malwarebytes GUI.

In the presence of the above 7/51 VT report, the call is yours.

HTH

Edited by 1PW
Link to post
Share on other sites

As @1PW found, the latest version is 3.40.0 and if you download only the app from this page https://filezilla-project.org/download.php?show_all=1 the VT analysis comes back clean:

https://www.virustotal.com/#/file/3007f11ef25947c58b71c675008f1bb248118e051e04e800f1b8b59dd3d7a365/detection

What contains the Installcore adware is the monetized installer that comes on the .dmg version, not the app. Although having the app is an indicator that one may have installed adware, the app itself has never been found to be infected with anything. 

IMHO, I don't think it should be blocked and MBAM will clean up the Installcore infection.

Link to post
Share on other sites

Thank you for the information.  I have turned App Block Protection 'OFF' in order to use FileZilla 3.40.0.

 

Unfortunately, all other apps are unblocked as well.

 

But I'm back in business after a day reviewing other software.  I was ready to buy a rival in order to continue using Malwarebytes.

 

Thanks

 

Link to post
Share on other sites

We reviewed this detection, and were able to tighten it down to not block FileZilla. However, we are still blocking the FileZilla installer, which installs the Spigot adware and displays analysis avoidance behavior. (If it thinks it's being analyzed by a security researcher, it acts innocent and doesn't install Spigot.) This is definite shady behavior, so we will continue to block this installer.

However, I do have to say that I personally would never trust any developer who is willing to use an adware installer, and would never use any software from such a developer.

Link to post
Share on other sites

I'd still consider getting another app. Even though I haven't seen evidence of FileZilla itself doing anything shady, I still don't trust any developer willing to distribute an installer that will infect people who run it.

I personally use Transmit, from Panic, and have for years. It's truly excellent, has some really powerful features, and it's simple to use. It's not free, of course, but these days I'm increasingly skeptical of anything free, due to the increasing prevalence of developers of free apps making money by bundling adware or collecting and selling user data. There is still legitimate and trustworthy free software out there, but when there are significant red flags for a piece of software, it's wise to avoid.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.