Security alerts – false positives?

  • Resolved bolt24

    (@bolt24)


    2 years, 1 month ago

    I scanned this plugin and it showed several “Generic malware dropper” etc: Heur.PHP.Dropper.gen in these files: ua-lockout.php, blacklist.php, audit-logging.php. Heur.PHP.Encoded.gen.271C and Heur.PHP.Encoded.gen in README.md, Heur.PHP.Encoded.gen.271C and Heur.PHP.Encoded.gen in phpqrcode.php and Uri.php Heur.PHP.Encoded.gen.271C and Heur.PHP.Encoded.gen in Hash.php and Backdoor.PHP.Exec.gen.3CE in SystemDceSecurityProvider.php.

    What does this mean actually?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter bolt24

    (@bolt24)

    Correction: The headline should read false negatives naturally .

    Plugin Support Williams – WPMU DEV Support

    (@wpmudev-support8)

    Hi @bolt24

    I hope you’re well today!

    We didn’t have any similar reports in the past and while I’m nearly sure those are indeed false alters, we’d like to look into it closer.

    Could you tell us, please:

    1. what scanner did you use (and if there are any specific settings of it that need to be enabled – what are they)?

    2. what are the line numbers for those reported files (if it gives any line numbers)?

    If there are any other details about that scan process/tool/procedure that you could possibly share, it would also be very helpful.

    Thank you in advance!
    Adam

    Plugin Support Nithin – WPMU DEV Support

    (@wpmudevsupport11)

    Hi @bolt24,

    Since we haven’t heard from you for a while. I’ll mark this thread as resolved for now. Please feel free to re-open the thread if you need further assistance.

    Best Regards
    Nithin

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Security alerts – false positives?’ is closed to new replies.