Inconsistent results with F-Secure for Mac

i90rr

Hi all, first post here.

 

I'm a happy Freedome user on my Macs and Android devices and I trust in F-Secure's expertise, that's why I'm a little bit shocked after learning that the Mac version of the antivirus solution doesn't detect a PUA (potentially unwanted application) widely known for deploying crapware; I'm talking of the (in)famous uTorrent client.

 

As you can see in the screenshot shown below the malware shipped with uTorrent is correctly detected on-the-fly just after the DMG container is opened effectively blocking the payload:

 

Malware/infection detected by Avast

Now, that's performing a local scan.

Virustotal.com shows similar results:

 

Malware/infection detected by Virustotal

As you can see here F-Secure correctly detects the payload shipped with uTorrent, which is not the case with the desktop application!

 

I remember that some years ago (a few, actually) F-Secure used to employ a 'hybrid' system of malware scanner using an in-house scanner coupled with Kapersky's engine; I'm not sure what is the case nowadays though. 

 

I would like to learn from someone of the F-Secure Antivirus team why the discrepancy as before finding this issue(?) I was ready to cash-out and buy the solution.

 

Best regards.

 

[Deleted User]

Hi i90rr,

 

Welcome to our Community! Regarding your post, I am checking with the team about the detection. I will keep you posted once I get a response.

[Deleted User]

Hi i90rr,

 

The FSAV for Mac team looked into this issue. The uTorrent sample detection has now been added to ORSP and should  be detected by SAFE for Mac.

i90rr

Hi Laksh,

 

Thanks! I'm seeing the same behavior with Vuze and Leap (https://www.vuze.com), could you please look at it?

[Deleted User]

I have highlighted it to the Product team for further action. If there is any update from the team, I will keep you posted. Thanks for sharing, @i90rr!