Fortinet is identifying Brave Files as Malware


Description of the issue:

Fortinet is identifying the following Files as Malware. I think these alerts are false positives. I’ve opened a ticket with Fortinet but since the files are temporary they are deleted right away. One file was quarantine and I have the hash for that file. Can someone verify if this is a false positive and work with Fortinet to have the files reclassified. This issue started at the beginning of February.

Malware:PossibleThreat.MU found in C:\Users\xxxx\AppData\Local\Temp\chrome_BITS_10684_1726015827\extension_1_0_8.crx by realtime scan. Denied access to the file.

Malware:PossibleThreat.MU found in C:\Users\xxxx\AppData\Local\Temp\chrome_url_fetcher_53056_648473232\extension_1_0_8.crx by realtime scan. Attempt to quarantine file failed.

Malware:PossibleThreat.MU found in C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb\1.0.8\tor-0.3.5.8-win32-brave-0 by realtime scan. The file was quaran

Malware:PossibleThreat.MU found in C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb\1.0.7\tor-0.3.5.8-win32-brave-0 by realtime scan. Denied access to the

How can this issue be reproduced?

Expected result:

Brave Version( check About Brave):
Version 1.2.43 Chromium: 79.0.3945.130 (Official Build) (64-bit)
Additional Information:

@markka,
Thank you for bringing this to our attention. It most certainly is a false positive and I’ll be reaching out to Fortinet today to see what we can do to get this resolved as soon as possible.

Excellent! Thanks for your help.