“codecov” file suddenly appeared in muliple sites

  • Resolved Marcelo Pedra

    (@kent-brockman)


    5 months, 1 week ago

    Hello guys, today ImunifyAV, the server antivirus on cPanel environments, started yelling that every w3-total-cache installation in the server has a 45 MB allegedly compromised file named “codecov”. I can tell from the downloadable zip in the WP repo that this file does not come with the plugin. But it’s very strange that it appeared suddenly, on very different servers, on very different WordPress websites.
    After scanning every file of the plugin, I found references to Code Coverage, so I guess you are using the Codecov library (https://about.codecov.io/), right? By viewing the content of “codecov” file I can see it’s a binary file.

    Anyway… is this a bug, a false positive, or does it really really happen to be an actual threat? Can you investigate it and provide an outcome please?

    Thanks in advance. Regards,
    Marcelo

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Contributor Marko Vasiljevic

    (@vmarko)

    Hello @kent-brockman

    Thank you for reaching out and I am happy to help!

    These files are a part of our build and testing process and are not needed indeed. You can safely remove codecov file. Those were added in the latest update and now they are removed so you can safely remove or re-install the latest version of the plugin.

    To confirm, it’s a false positive and ther eis nothing to worry about

    Thank you for taking the time to report this and thank sorry for any inconvenience.

    Thread Starter Marcelo Pedra

    (@kent-brockman)

    Ok, thanks for confirmation ??

    Just as a confirmation: will this file disappear in forthcoming automatic updates?

    Plugin Contributor Marko Vasiljevic

    (@vmarko)

    Hello @kent-brockman

    Yes this is already removed so it will not excist in any future updates.
    Thanks!

    Thread Starter Marcelo Pedra

    (@kent-brockman)

    Thanks. I will whitelist the file in the antivirus.

Viewing 4 replies - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.