Cache File Flagged as Malware

  • Resolved Fibro Jedi

    (@fibrojedi)


    8 months, 3 weeks ago

    Hey,

    So my malware security (Malcare) has flagged files under device-data-cache as potential malware.

    Independent Analytics Files (Falsely) Flagged as Malware

    These files contain serialised data, but it does just look like a historical record. Are these IA files and so I can whitelist them, or should I be cleaning them as possible malware?

    I’m assuming not malware given I’ve never had someone get in before, but better safe than sorry and all that.

    Thanks,

    FJ

Viewing 10 replies - 1 through 10 (of 10 total)

  • Same here, but then in an IA Pro folder. Also wondering what to do: leave it as is, or let it clean by MalCare?

    Plugin Author Ben Sibley

    (@bensibley)

    Thanks for bringing this to our attention.

    I can confirm that these are not hacked files, and this is a false-positive from Malcare.

    I’ll explain the nature of the files so you understand their purpose. When someone visits the site, it can take up to a full second to recognize their device type via pattern matching. For that reason, we cache these patterns to quickly recognize future devices in just a few milliseconds. All of the files inside the /temp/ file are auto-generated and used for caching/performance purposes.

    We will get in touch with Malcare and see if we can work with them to avoid this warning in the future.

    If you can white-list the files in /temp/ that would be best. If they are deleted, they’ll get generated again and could cause a new warning from Malcare.

    • This reply was modified 8 months, 3 weeks ago by Ben Sibley.
    Thread Starter Fibro Jedi

    (@fibrojedi)

    Thank you for that explanation. I will see if I can whitelist a folder – and glad to hear it’s a false positive and not a random security thing in IA.

    Thanks!

    [edit] I don’t think I can add whitelists as I’m on the lowest package with Malcare. And no, I literally cannot afford to upgrade. Hope your chat with Malcare goes well! ??

    [edit2] @newoceans I didn’t get Malcare to “clean” the file. I chose “not malware”. I don’t know if that’ll generate new false positives, but it may help their system to identify similar files from that plugin in future. Maybe.

    • This reply was modified 8 months, 3 weeks ago by Fibro Jedi.
    • This reply was modified 8 months, 3 weeks ago by Fibro Jedi.

    @fibrojedi Indeed, that might be a good choice: click at ‘not malware’.

    @bensibley About whitelisting, not sure if that’s a good option. I’m not a techie, but whitelisting a folder might make that folder an interesting place for possible malware to hide?

    Plugin Author Ben Sibley

    (@bensibley)

    @newoceans Theoretically that is true, so the “not malware” option mentioned above is probably best.

    @bensibley Thanks for confirming ??

    Plugin Author Ben Sibley

    (@bensibley)

    The folks at Malcare have informed me that they’ve marked these files as clean across their system, so this shouldn’t be an issue moving forward.

    @bensibley That’s good news Ben, thanks for the info! Keep up the good work! ??

    Thread Starter Fibro Jedi

    (@fibrojedi)

    Thanks so much for liaising with them, that’s really appreciated!

    Plugin Author Ben Sibley

    (@bensibley)

    You’re welcome! They were quick to respond and get this fixed.

Viewing 10 replies - 1 through 10 (of 10 total)
  • The topic ‘Cache File Flagged as Malware’ is closed to new replies.