-
-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
asset_manager_non_core_js.js marked as malware and removed. #13750
Comments
Hi, I guess this is a false positive, but to be sure you should check the file closer yourself. It seems like it is searching for I think |
did find this line in the file : https://share.riseup.net/#btFGRcGYDWr1Jfe47xeqMw which contains activexobj. don't know where its coming from, (zero knowledge of js), but disabled custom opt-out plugin for now, as that was the only other change (installed&enabled), along with the latest matomo upgrade. so maybe it's coming from that plugin. |
The line doesn't look like it is from our tracking code, unless it was added through custom opt out or other plugins. |
Custom Opt-Out includes a full code editior with syntax highlighting and syntax error detection for CSS and JS if I remember correctly. |
running maldet on our servers daily, and after latest upgrade to matomo 3.7.0, we get this hit:
{CAV}Sanesecurity.Malware.27490.XmlHeur.Actx : .../tmp/assets/asset_manager_non_core_js.js
this file gets removed (quarantined) and recreated as far as i can see. is there anything we can do on our side?
thanks,
d.
The text was updated successfully, but these errors were encountered: