Importing from another browser is detected as a malware by Sophos Endpoint

[michelchafouin]

What happened?

After installing the portable version and launching it for the first time, I clicked import settings / bookmarks from the wizard and it got detected as a malware.

Creds_2a (T1555.003) detected at C:\Users\chafouin\Desktop\zen\zen.exe

I use Firefox and imported settings from other browsers a few months ago without any warning.

Reproducible?

• [X] I have checked that this issue cannot be reproduced on Mozilla Firefox.

Version

1.0.0-a.19

Severity impact

Medium

What platform are you seeing the problem on?

Windows

Relevant log output

No response

[sammy08300]

I'm not in the best position to explain everything but I'm attaching some reddit posts that talk about it (the first has the dev's answer on the subject).

But to cut a long story short: It's a false detection because Zen doesn't have enough signatures, because it's Windows licenses that you have to buy, and they're getting more and more expensive.

https://www.reddit.com/r/zen_browser/comments/1esh723/comment/li7e7o6/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button

https://www.reddit.com/r/browsers/comments/1egxdlq/kaspersky_detected_a_trojan_in_zen_browser/

https://www.reddit.com/r/zen_browser/comments/1ehvcsu/windows_defender_flags/

[fritol]

avg does the same, detects Win64:Evo-gen [Trj]

[Donnnno]

We're working on getting an app-signature for Windows, that will likely fix the issue! https://github.com/zen-browser/desktop/issues/432 https://ko-fi.com/zen_browser/goal?g=210

[mr-cheffy]

Duplicate of https://github.com/zen-browser/desktop/issues