Vivaldi triggering Cisco Ransomware Warnings



  • At my workplace vivaldi is triggering Cisco for Ransomware. I'm not a part of the security team but they game me the following information.

    vivaldi malware.png

    SHA-144dded9f4e50f0c9333f6c79564dc306241d46cea2f32e0ebcbdb70bc4d8f57
    
    Affected Files:
    E:\User Data\Default\Service Worker\CacheStorage\eb8379e540732e8b03e302d81d0a60eb34afd054\a1fa8b1f-2ed5-4b56-b646-77c9421ac498\4cbbeefc207ac611_0
    E:\User Data\Default\Service Worker\CacheStorage\eb8379e540732e8b03e302d81d0a60eb34afd054\a1fa8b1f-2ed5-4b56-b646-77c9421ac498\52465de2acbd1d50_0
    E:\User Data\Default\Service Worker\CacheStorage\eb8379e540732e8b03e302d81d0a60eb34afd054\a1fa8b1f-2ed5-4b56-b646-77c9421ac498\a2507e10f0f7f633_0
    E:\User Data\Default\Service Worker\CacheStorage\eb8379e540732e8b03e302d81d0a60eb34afd054\a1fa8b1f-2ed5-4b56-b646-77c9421ac498\06cfd52032db4738_0
    E:\User Data\Default\Service Worker\CacheStorage\eb8379e540732e8b03e302d81d0a60eb34afd054\a1fa8b1f-2ed5-4b56-b646-77c9421ac498\6ff8253b80a3ea84_0
    File full path: E:\Application\vivaldi.exe
    File SHA-1: 3c86a6bbb41c24059db0018e83e3efd739166d63.
    File MD5: 917a08d3bee86f72a5677d4c464317e5.
    File size: 1766984 bytes.
    File signed by Vivaldi Technologies AS with certificate serial 039f5c6e32e8efc888125782b16bed8b from DigiCert EV Code Signing CA (SHA2). Expires 12:00:00, Wed Jan 6 2021 UTC. the certificate was warn trusted
    File cert MD5: bb47759145adb794fad7125ae8cf9097.
    File cert SHA-1: 211a93f9ed2d8c39d934c04c2be7a60c7e43a21e.
    Parent file SHA-1: 1fa77533c9fb27b4b3e1ea41cbe7842717a0a3c5.
    Parent file MD5: 7e9bf4b5072126fec658cc70a254deab.
    Parent file size: 713800 bytes.
    Parent file signed by Vivaldi Technologies AS with certificate serial 039f5c6e32e8efc888125782b16bed8b from DigiCert EV Code Signing CA (SHA2). Expires 12:00:00, Wed Jan 6 2021 UTC. the certificate was warn trusted
    

  • Moderator

    This is probably relevant:

    https://quickview.cloudapps.cisco.com/quickview/bug/CSCvq59864

    Looks like a false positive on Cisco's side.


  • Moderator

    False Positive.
    Please do report that to Cisco support.



  • @mtaki14 thanks for letting me know. I’ll get this over to our security team. Chrome was getting flagged also.



  • @Gwen-Dragon said in Vivaldi triggering Cisco Ransomware Warnings:

    False Positive.
    Please do report that to Cisco support.

    I’ll report this to Cisco as soon as possible, thank you



  • @Gwen-Dragon said in Vivaldi triggering Cisco Ransomware Warnings:

    False Positive.
    Please do report that to Cisco support.

    Our security team is going to submit a false positive report.

    I would like to thank everyone for their quick response. I don't want to lose my favorite browser.


  • Ambassador

    @mdoverl said in Vivaldi triggering Cisco Ransomware Warnings:

    @mtaki14 thanks for letting me know. I’ll get this over to our security team. Chrome was getting flagged also.

    Don't tell Cisco this about Chrome ¬¬


Log in to reply
 

Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.