False Positive in magento-coding-standard

Question

False Positive in magento-coding-standard

Opened this issue a year ago · 0 comments

Hi Maldetect

Sometime since my last full scan which was last week, I've noticed two files being flagged as malware yesterday.

malware hit {CAV}Php.Backdoor.Generic-10006641-0 found for /vendor/magento/magento-coding-standard/Magento2/Tests/Functions/DiscouragedFunctionUnitTest.inc

maldet(7084): {hit} malware hit {CAV}Php.Backdoor.Generic-10006641-0 found for /.cache/composer/files/magento/magento-coding-standard/5cf0da126fda162c53eba8037babc7efd1dae3a9.zip

These are standard Magento files. I reinstalled the entire vendor folder and rescanned and it still flags in Maldetect. The exact same files don't flag on my site clone.

This is believed to be a false positive via Magento. See issue #460

My question is:

Why would an unchanged file that was not flagged previously start now?
Why does it not flag on my clone site?
The files are identical. If I replace one with the other it still only flags on one server and not the other.

Thank you.