Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Avatar for Username

Søg i Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Læs mere

Windows defender caught trojan in the cache2\entries folder

thebigduck
thebigduck
more options

I recently went to a website I normally visit but accidentally misspelled the url which took me to a deceptive website. Luckily, Firefox was able to detect the site as a security threat and did not allow connection.

About 5 mins after, my windows defender caught a Trojan:Script/Wacatac.B!ml in the \AppData\Local\Mozilla\Firefox\Profiles\0efjymat.default-release\cache2\entries\. I immediately quarantined and removed it.

I understand that it could be a false positive since I read that windows defender usually catches cache files that may look suspicious to it. I have to wonder though is it still possible for deceptive website cache files to get downloaded despite getting blocked by Firefox?

Note: I have ublock extension and my Firefox browser version is 131.0.2 64-bit

I recently went to a website I normally visit but accidentally misspelled the url which took me to a deceptive website. Luckily, Firefox was able to detect the site as a security threat and did not allow connection. About 5 mins after, my windows defender caught a Trojan:Script/Wacatac.B!ml in the \AppData\Local\Mozilla\Firefox\Profiles\0efjymat.default-release\cache2\entries\. I immediately quarantined and removed it. I understand that it could be a false positive since I read that windows defender usually catches cache files that may look suspicious to it. I have to wonder though is it still possible for deceptive website cache files to get downloaded despite getting blocked by Firefox? Note: I have ublock extension and my Firefox browser version is 131.0.2 64-bit

Alle svar (2)

James
James
  • Top 25 Contributor
  • Moderator
more options

This may be a older article but it still applies = Firefox cache file was infected with a virus

You are Not infected as it will either get overwritten over time as Cache gets used or deleted if you clear the Cache. The Trojan is harmless while in the Cache.

Nyttig?

thebigduck
thebigduck Spørgsmålsstiller
more options

Thank you for the reply. I was caught off guard by how the cache still got downloaded into the folder even though Firefox prevented me from accessing the fake website.

Nyttig?

Stil et spørgsmål

Du skal logge ind på din konto for at svare på et indlæg. Start et nyt spørgsmål, hvis du ikke har en konto endnu.