1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[Warning] Stop Using FileZilla

Discussion in 'Black Hat SEO Tools' started by HelloInsomnia, Feb 19, 2015.

  1. HelloInsomnia

    HelloInsomnia Jr. Executive VIP Jr. VIP

    Joined:
    Mar 1, 2009
    Messages:
    1,828
    Likes Received:
    2,939
    Edit: It appears to be Source Forge doing this so if you don't use software that uses these crappy offer installers then stop using Source Forge

    Hello friends,

    Yesterday I went to install FileZilla on a VPS. When suddenly Chrome blocked the download saying it was a malicious file. Since I've been using FileZilla for years now I was really surprised and so I check the VT: https://www.virustotal.com/en/file/...d5576140c083e35366cab4c5/analysis/1424317161/

    It seems about a year ago (maybe more now) they added an offer wrapper to the installer to try and monetize it. Fortunately for me I never update FZ because it always clears my settings (updating probably won't install nasty stuff but better safe than sorry). With that being said it's time to go back to WinSCP or something else.
     
    • Thanks Thanks x 2
    Last edited: Feb 19, 2015
  2. vedavyas

    vedavyas Junior Member

    Joined:
    Feb 14, 2010
    Messages:
    113
    Likes Received:
    38
    Its a false alarm,Chrome blocks all .Exe,.Jar Files which are not Signed.You can upload same file to google drive and download using that link,chrome dont block it.Bcoz Chrome blocks .exe files which are not signed by a "code signing certificate" or not downloaded from reputable safe site for downloading.

    Also there may be other apps install with filezilla,but i dont think it filezilla that installing them,its "sourceforge"(Default Download source). They add extra softwares(advertisers) with any software on their site.Which you can deselect them during installation if you dont want them.
     
    Last edited: Feb 19, 2015
  3. tiyowan

    tiyowan Regular Member

    Joined:
    Aug 7, 2013
    Messages:
    251
    Likes Received:
    137
    Um, sorry OP but no.

    1. Install RevoUninstaller
    2. Install FileZilla
    3. Scan using RevoUninstaller
    4. Remove any unwanted crap if you selected it by accident.
    5. Keep calm and carry on.

    Also, as the previous poster wrote, the issue is not only with FileZilla but Sourceforge. It seems they sold out and are going down the path that CNET went with their crappy custom installers that try to install adware on your machine. You can use something like Ninite to install FileZilla and you won't get any of the adware.
     
    • Thanks Thanks x 1
    Last edited: Feb 19, 2015
  4. HelloInsomnia

    HelloInsomnia Jr. Executive VIP Jr. VIP

    Joined:
    Mar 1, 2009
    Messages:
    1,828
    Likes Received:
    2,939
    It probably is SF but I am still not using them; it's not the fact that you can get around it but the fact that it is there.
     
  5. Inabox

    Inabox Newbie

    Joined:
    Aug 27, 2014
    Messages:
    44
    Likes Received:
    19
    ^^What the above guy is saying is....

    When you installed/updated filezilla, there is an option to "Un-Select" That addon from sourceforge and just install Filezilla with NO toolbar/adware.

    Its not filezilla thats adding the adware, its sourceforge. They try to trick people who don't pay attention to the install into installing it without them realizing.

    With that being said, Filezilla is safe and doesn't install/promote any adware or extensions themselves
     
  6. IAmFromTheInternet

    IAmFromTheInternet Junior Member

    Joined:
    Feb 13, 2015
    Messages:
    180
    Likes Received:
    180
    It's the fact that your downloads provider added the option to install some toolbar/adware stuff during install.

    Just read carefully during intstallation and make sure not to install anything other than FileZilla.

    A lot of people just click next-next-next-ok-ok-yes in a couple of seconds and then wonder why they have a system full of malware and a browser window that has more blinking lights and ads than a Vegas slot machine room.
     
    Last edited: Feb 19, 2015
  7. HelloInsomnia

    HelloInsomnia Jr. Executive VIP Jr. VIP

    Joined:
    Mar 1, 2009
    Messages:
    1,828
    Likes Received:
    2,939
    It is Source Forge doing it after all. So I guess the lesson here is to not use SF.

    Look I understand where you guys are coming from when you say just untick it. All I am saying is I don't use shitty software companies that use these methods and I know a lot of others won't want to use them because of this as well.
     
  8. SharkServers

    SharkServers Jr. VIP Jr. VIP

    Joined:
    Jun 29, 2014
    Messages:
    422
    Likes Received:
    195
    Occupation:
    Web Hosting
    Location:
    DMCA? Pff! www.SuckMyBallsDM.CA
    Home Page:
    Filezilla is safe if you decline the extra bundled stuff from being installed. This is simple - Sourceforge is an open source software hosting platform. They want money, so they bundle all kind of stuff with the downloads. The actual product does not have any issues.
     
  9. koolkake

    koolkake Regular Member

    Joined:
    Jul 2, 2014
    Messages:
    228
    Likes Received:
    224
  10. royserpa

    royserpa Jr. VIP Jr. VIP Premium Member

    Joined:
    Sep 28, 2011
    Messages:
    4,986
    Likes Received:
    3,744
    Gender:
    Male
    Occupation:
    Negative Options aka Rebills!
    Location:
    Exploiting Loopholes!
    Home Page:
    1 Never accept any promo software or whatever is called
    2 Always download from the software homepage and not from 3rd party sites ;)

    Some weeks ago downloaded filezilla from source forge and it installed adware on my browsers. Decided to uninstall everything and download from fz homepage. Result? No adware! :cool:
     
  11. iggypop

    iggypop Junior Member

    Joined:
    Feb 25, 2009
    Messages:
    171
    Likes Received:
    52
    Don't click the top link for FZ. There's a link to the direct download that is adware free below it on the FZ page.

    https://filezilla-project.org/download.php?show_all=1

    The top link (recommended) shouldn't be recommended at all. A lot of sourceforge authors are doing this to generate some cash by installing this crap. Don't use the sourceforge installer, do a download of the full program where possible, and you should be ok.
     
  12. DarthM

    DarthM Regular Member

    Joined:
    Dec 17, 2011
    Messages:
    380
    Likes Received:
    375
    Location:
    UK
    I wasted a whole evening a few days ago removing the malware (browser hijacker) installed by the Sourceforge's Filezilla installer. The installer is designed in a way to catch off-guard users.

    The way to get around it is to select "Show additional download options" on the Filezilla download page and select the ZIP file, which doesn't come with an installer. The "recommended" option (i.e. the installer) on the download page is bundled with malware.
     
  13. RSocks

    RSocks Jr. VIP Jr. VIP

    Joined:
    Aug 13, 2014
    Messages:
    153
    Likes Received:
    15
    I think its safe 100%
     
  14. V

    V Elite Member

    Joined:
    May 18, 2012
    Messages:
    2,394
    Likes Received:
    2,633
    Occupation:
    Student
    Location:
    /tmp
    Yeah, I had the same problem so I downloaded the zip file instead. No installation needed for it, plus I don't see anything unusual in the zip package. :)
     
  15. HelloInsomnia

    HelloInsomnia Jr. Executive VIP Jr. VIP

    Joined:
    Mar 1, 2009
    Messages:
    1,828
    Likes Received:
    2,939
    I see the ?nowrap version but it's still from SF and overall its a deceptive practice. Why take the risk? You may need to download it again in another 2 years and forget about all this and accidentally get herpes. There are acceptable alternatives out there after all.
     
  16. tiyowan

    tiyowan Regular Member

    Joined:
    Aug 7, 2013
    Messages:
    251
    Likes Received:
    137
    1. Open terminal
    2. sudo apt-get install filezilla
    3. Done

    Linux ftw. :)
     
  17. SEO-Julia

    SEO-Julia Registered Member

    Joined:
    Jan 17, 2012
    Messages:
    74
    Likes Received:
    10
    humpf...ops seems to be noob *ggg*
     
    • Thanks Thanks x 1
  18. Letstalkbusiness24

    Letstalkbusiness24 Junior Member

    Joined:
    Jan 31, 2015
    Messages:
    100
    Likes Received:
    15
    Me too got this alarm, but I didn't hear of Chrome.
     
  19. roadhamster

    roadhamster Regular Member

    Joined:
    Mar 12, 2012
    Messages:
    348
    Likes Received:
    248
    The only drawback of Filezilla is that it stores your ftp-passwords in plaintext in an xml file. This is why a lot of servers get hacked. Spyware-virus-adware on your computer which read the xml file and sends it to the hacker and BAM ther you go. With that in mind, don't store the ftp-passwords in filezilla, for the rest Filezilla is one of the best free ftp-proggies around. Im'sure it's soundforge offering a crappy installer with offers, adware and spyware.
     
  20. turbopugsleylx

    turbopugsleylx Jr. VIP Jr. VIP

    Joined:
    Jun 6, 2008
    Messages:
    3,258
    Likes Received:
    969
    Occupation:
    www.xgcmedia.com
    Location:
    www.xgcmedia.com
    Home Page:
    I use a Mac...never had any issues with FZ