Fortinet is identifying Brave Files as Malware

Description of the issue:

Fortinet is identifying the following Files as Malware. I think these alerts are false positives. I’ve opened a ticket with Fortinet but since the files are temporary they are deleted right away. One file was quarantine and I have the hash for that file. Can someone verify if this is a false positive and work with Fortinet to have the files reclassified. This issue started at the beginning of February.

Malware:PossibleThreat.MU found in C:\Users\xxxx\AppData\Local\Temp\chrome_BITS_10684_1726015827\extension_1_0_8.crx by realtime scan. Denied access to the file.

Malware:PossibleThreat.MU found in C:\Users\xxxx\AppData\Local\Temp\chrome_url_fetcher_53056_648473232\extension_1_0_8.crx by realtime scan. Attempt to quarantine file failed.

Malware:PossibleThreat.MU found in C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb\1.0.8\tor- by realtime scan. The file was quaran

Malware:PossibleThreat.MU found in C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb\1.0.7\tor- by realtime scan. Denied access to the

How can this issue be reproduced?

Expected result:

Brave Version( check About Brave):
Version 1.2.43 Chromium: 79.0.3945.130 (Official Build) (64-bit)
Additional Information:

Thank you for bringing this to our attention. It most certainly is a false positive and I’ll be reaching out to Fortinet today to see what we can do to get this resolved as soon as possible.

Excellent! Thanks for your help.

I’m having exactly the same problem. It’s super annoying.

Yep I just started getting the same issue on Kaspersky as of today after updating to the latest definitions database and running a full scan.

I don’t know if it’s related to Fortinet.

Weirdly as it sounds, COMODO Killswitch registers tor- contained inside Brave-Browser-Nightly\User Data\cpoalefficncklhjfpglfiplenlpccdb\1.0.8 as unknown and untrusted.

Will be throwing this file into my sandbox to test.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.