If you use Filezilla for transporting files via FTP, there seems to be a problem with the latest version, Filezilla 3.9.0.10. If you don’t use Filezilla and/or have no idea what it is, feel free to skip this post.
UPDATE 1/11/2015
Apparently, this was a false positive. As of today, the Filezilla 3.9.0.10 update EXE tests clean on VirusTotal. Malwarebytes no longer flags it.
Filezilla 3.9.0.10 Update
I’m a regular user of Filezilla and it’s not unusual for there to be an announcement when it starts up that there is a new version ready to be installed. I got a notification last night when I started Filezilla and, as usual, told it to go ahead and install the update.
This morning when I got on my computer, there was a notification from Malwarebytes, my preferred malware scanning software, that Filezilla was corrupted with a trojan called PUP.Optional.Unizeto. I did a bit of research and it seems that the named trojan is pretty nasty.
False Positive?
There is always the possibility of a false positive from malware scanners, so I uploaded the Filezilla update file to a website called Virus Total (https://www.virustotal.com/). Virus Total scans uploaded files with 56 different anti-virus programs. Since no anti-virus program is perfect, the theory is that the more programs are used to scan, the better the potential results.
Of the 56 programs used by Virus Total, only one returned a positive for malware, that one being Malwarebytes. So, one of two things is going on here: either it’s a false positive that only Malwarebytes is alerting to, or it’s getting by 55 other programs and Malwarebytes is the only one identifying the problem.
Erring On The Side of Caution
While the latter scenario is unlikely, it’s still possible. I chose to uninstall Filezilla and download it again from Sourceforge.net.
By the way, it’s important to download Filezilla from Sourceforge.net to be as sure as possible that you have a clean version. Filezilla is one of many freeware applications that can be downloaded from a zillion different freeware sites and it’s not unusual for the software on some of these sites to be infected with malware.
Interestingly, the Filezilla version downloaded from Sourceforge.net is 3.9.0.6. The update is version 3.9.0.10. I installed Filezilla 3.9.0.6 to be on the safe side.
When I started up Filezilla I got the same notification of a new version available and found version 3.9.0.10 in my Downloads directory waiting to be installed. Naturally, I am not going to install the update until I’m sure there is no issue with it. I suggest you pass on the update for now, as well.
If you have already updated Filezilla, I recommend uninstalling and going back to version 3.9.0.6 from Sourceforge.net until the update has been proven clean. Of course, ignore the update notification if the offered update is to version 3.9.0.10. I will be waiting for the next version and will be sure to check the file with VirusTotal before installing it the next time!
Protected by WebARX
Well! That was a wasted exercise. File Zilla has been prompting me for sometime to update and so I did (after reading this article) to 3.10. This refused to connect to my server with several attempts. So I returned to 3.9.0.6 and we are back to normal. I have always believed in the old adage “If it isn’t broken,why fix it?” and I’m sticking to that for now.
Hi, Michael,
There’s a lot of truth in that old adage. It’s a good idea to check the update log to see what’s changed and determine whether it makes sense to update or not. In some cases, the fixes aren’t applicable to how you use the software so updating isn’t critical.
I’ve not had any issues with the 3.9.0.10 update in terms of performance. It sounds like something on your machine may be conflicting with Filezilla’s latest, or vice-versa.
Thanks,
John
No,I don’t think 3.9.0.10 is the same as 3.10. Here is that entire prompt I still keep getting everytime I hit FileZilla. It makes for interesting reading:
3.10.0 (2015-01-07)
– Fixed default file exists actions broken by rc1
3.10.0-rc2 (2015-01-03)
+ Added Welsh translation
+ Data type indicator in the status bar now reacts to left-clicks as well
– MSW: Fix crash when displaying the drive list
3.10.0-rc1 (2014-12-29)
+ Reduced memory consumption of large queues
+ Preliminary support for Windows 10 technical preview
+ MSW: FileZilla running on a 64bit Windows can now use up to 4GiB of RAM, up from 2GiB
– Fixed memory leaks in SFTP component
– Fixed fzsftp crashing on disconnect if using keyfiles
– Various code cleanup and minor fixes
3.10.0-beta3 (2014-12-19)
+ The search dialog now has checkboxes to only search for files or directories
+ In the file lists, Ctrl+Shift+N can now be used to create new directories
+ Added an additional icon theme
+ Small performance improvements parsing large directory listings
+ Updated SFTP components from PuTTY
– Fixed applying file exists actions to files currently in the queue
– Don’t send the PBSZ and PROT commands to servers that have rejected AUTH TLS/SSL
Hi, Michael,
You’re correct, the latest is 3.10.0. That’s what I’m showing on my machine now and it’s working correctly. I’m wondering if previous 3.10 updates were release candidates instead of the final release.
Thanks,
John