[Warning] Stop Using FileZilla

HelloInsomnia

Elite Member
Joined
Mar 1, 2009
Messages
1,801
Reaction score
3,041
Edit: It appears to be Source Forge doing this so if you don't use software that uses these crappy offer installers then stop using Source Forge

Hello friends,

Yesterday I went to install FileZilla on a VPS. When suddenly Chrome blocked the download saying it was a malicious file. Since I've been using FileZilla for years now I was really surprised and so I check the VT: https://www.virustotal.com/en/file/...d5576140c083e35366cab4c5/analysis/1424317161/

It seems about a year ago (maybe more now) they added an offer wrapper to the installer to try and monetize it. Fortunately for me I never update FZ because it always clears my settings (updating probably won't install nasty stuff but better safe than sorry). With that being said it's time to go back to WinSCP or something else.
 
Last edited:
Its a false alarm,Chrome blocks all .Exe,.Jar Files which are not Signed.You can upload same file to google drive and download using that link,chrome dont block it.Bcoz Chrome blocks .exe files which are not signed by a "code signing certificate" or not downloaded from reputable safe site for downloading.

Also there may be other apps install with filezilla,but i dont think it filezilla that installing them,its "sourceforge"(Default Download source). They add extra softwares(advertisers) with any software on their site.Which you can deselect them during installation if you dont want them.
 
Last edited:
Um, sorry OP but no.

1. Install RevoUninstaller
2. Install FileZilla
3. Scan using RevoUninstaller
4. Remove any unwanted crap if you selected it by accident.
5. Keep calm and carry on.

Also, as the previous poster wrote, the issue is not only with FileZilla but Sourceforge. It seems they sold out and are going down the path that CNET went with their crappy custom installers that try to install adware on your machine. You can use something like Ninite to install FileZilla and you won't get any of the adware.
 
Last edited:
It probably is SF but I am still not using them; it's not the fact that you can get around it but the fact that it is there.
 
^^What the above guy is saying is....

When you installed/updated filezilla, there is an option to "Un-Select" That addon from sourceforge and just install Filezilla with NO toolbar/adware.

Its not filezilla thats adding the adware, its sourceforge. They try to trick people who don't pay attention to the install into installing it without them realizing.

With that being said, Filezilla is safe and doesn't install/promote any adware or extensions themselves
 
It's the fact that your downloads provider added the option to install some toolbar/adware stuff during install.

Just read carefully during intstallation and make sure not to install anything other than FileZilla.

A lot of people just click next-next-next-ok-ok-yes in a couple of seconds and then wonder why they have a system full of malware and a browser window that has more blinking lights and ads than a Vegas slot machine room.
 
Last edited:
It is Source Forge doing it after all. So I guess the lesson here is to not use SF.

Look I understand where you guys are coming from when you say just untick it. All I am saying is I don't use shitty software companies that use these methods and I know a lot of others won't want to use them because of this as well.
 
Filezilla is safe if you decline the extra bundled stuff from being installed. This is simple - Sourceforge is an open source software hosting platform. They want money, so they bundle all kind of stuff with the downloads. The actual product does not have any issues.
 
1 Never accept any promo software or whatever is called
2 Always download from the software homepage and not from 3rd party sites ;)

Some weeks ago downloaded filezilla from source forge and it installed adware on my browsers. Decided to uninstall everything and download from fz homepage. Result? No adware! :cool:
 
Don't click the top link for FZ. There's a link to the direct download that is adware free below it on the FZ page.

https://filezilla-project.org/download.php?show_all=1

The top link (recommended) shouldn't be recommended at all. A lot of sourceforge authors are doing this to generate some cash by installing this crap. Don't use the sourceforge installer, do a download of the full program where possible, and you should be ok.
 
I wasted a whole evening a few days ago removing the malware (browser hijacker) installed by the Sourceforge's Filezilla installer. The installer is designed in a way to catch off-guard users.

The way to get around it is to select "Show additional download options" on the Filezilla download page and select the ZIP file, which doesn't come with an installer. The "recommended" option (i.e. the installer) on the download page is bundled with malware.
 
I see the ?nowrap version but it's still from SF and overall its a deceptive practice. Why take the risk? You may need to download it again in another 2 years and forget about all this and accidentally get herpes. There are acceptable alternatives out there after all.
 
It's the fact that your downloads provider added the option to install some toolbar/adware stuff during install.

Just read carefully during intstallation and make sure not to install anything other than FileZilla.

A lot of people just click next-next-next-ok-ok-yes in a couple of seconds and then wonder why they have a system full of malware and a browser window that has more blinking lights and ads than a Vegas slot machine room.

1. Open terminal
2. sudo apt-get install filezilla
3. Done

Linux ftw. :)
 
The only drawback of Filezilla is that it stores your ftp-passwords in plaintext in an xml file. This is why a lot of servers get hacked. Spyware-virus-adware on your computer which read the xml file and sends it to the hacker and BAM ther you go. With that in mind, don't store the ftp-passwords in filezilla, for the rest Filezilla is one of the best free ftp-proggies around. Im'sure it's soundforge offering a crappy installer with offers, adware and spyware.
 
Back
Top