Malwarebytes stopping Envdir update as Naiman Trojan

Question

This just started happening this morning. It wasn't happening a week ago. I use Malwarebytes Premium with real time protection, and I trust it quite a bit. This morning when I tried to run Envdir update, Malwarebytes immediately stopped and quarantined the Envdir update as importing a Naiman Trojan (a fairly pernicious form of ransomware).

This is probably just a false positive (although Malwarebytes has very few of those), and I can make an exclusion. But I wanted to check if anyone else with maybe a different AV wasn't getting the same reaction. I just worry that the Toga Projects portal or landing page may have been compromised with a redirect (it can happen: hackers, like rust, never seem to sleep).

Thanks, I really do enjoy the products.

-Bob

MaximeK · Accepted Answer

Hello Bob,We just renewed our digital signature in our installers and updaters as the previous one expired recently, malwarebytes probably just don’t recognize the digital signature yet.It may happen with a very small number of antivirus programs but serious ones shouldn’t signal our installers as dangerous. I never understood how they could determine such a simple installer as dangerous to be honest.A hack could indeed have happened but I just checked and that’s not the case, everything is normal. Don’t worry, our installers are virus free and you can use them, updaters included, with a total confidence.If this keeps happening, we will check closer a use a new signature again.

bobm · Answer

Thanks Maxime. Yes, as said, probably just a false positive, and I'll make an exclusion. I thought I should check first. Keep up the good work.-Bob