Mullvad Browser blocked by v25.2

TVC15
TVC15 Posts: 108 Adventurer
edited March 11 in Device Protection

Hello,

I've tried submitting the file twice and adding the information that could be helpful, but it never finishes uploading to F-Secure.

Previously Mullvad Browser would run with F-Secure versions 19. at least as far as I remember. Now it is being quarantined by F-Secure as Drop.Win64.MemMapSelf.9214

https://www.f-secure.com/en/support/search#q=Drop.Win64.MemMapSelf.9214&f:@source=%5BThreatDescriptions%5D

When I checked the download, which was from Mullvads site on Virus Total, it only showed on obscure vender as flagging it. F-Secure did not give me a pop up notification, but only shutting Mullvad down after it has been running for about 3 seconds. I had to look in the Quarantined section to find out what happened.

Is this a false positive? I'm on v.25.2 (6.0.1641.0)

Thank you.

Accepted Answers

  • Firmy
    Firmy Posts: 2,104 Community Manager
    Answer βœ“

    Hello @TVC15

    Thank you for your patience.

    We have reviewed the issue and confirmed that it was a false positive. The app has now been whitelisted.

    If you encounter any further issues or need additional assistance, please don’t hesitate to reach out.

    Thank you, and have a wonderful day.

    Firmy
    Community Manager | F-Secure Community
    πŸ” Strengthening digital security through knowledge and collaboration
    🌐 Explore our User Guides | Knowledge Base for self-help resources
    πŸ’» Empower yourself with Cybersecurity Insights and protect what matters

  • Mullvad_fan
    Mullvad_fan Posts: 2 New Member
    Answer βœ“

    Thanks πŸ™‚, I thought of that already, but hesitate, because what if the browser really Γ­s insecure…

    And I submitted the file and URL. Hopefully it will be fixed. And if the problem persist much longer I'll exclude the browser nevertheless.

Answers

  • Firmy
    Firmy Posts: 2,104 Community Manager

    Hello @TVC15

    Thank you for your question.

    Could you please let us know which version of Mullvad Browser is being blocked by the F-Secure app? We will investigate the issue and coordinate with our labs to verify the detection.

    Looking forward to your response. Wishing you a wonderful day.

    Firmy
    Community Manager | F-Secure Community
    πŸ” Strengthening digital security through knowledge and collaboration
    🌐 Explore our User Guides | Knowledge Base for self-help resources
    πŸ’» Empower yourself with Cybersecurity Insights and protect what matters

  • TVC15
    TVC15 Posts: 108 Adventurer
    edited March 11

    Yep, here it is. It wasn't flagged when I did a right click scan, but only after installing it and running it. I did a Windows 11 restart and when it was up and running for about 3 seconds it was shut down by F-Secure as I mentioned above.

    Thank you, Firmy, for getting back to me so quickly.

    Kind regards :)

  • Firmy
    Firmy Posts: 2,104 Community Manager

    Hello @TVC15

    Thank you for your comment.

    We will consult with our labs team and once I have received feedback from our analyst, I will get back to you.

    Have a lovely day.

    Firmy
    Community Manager | F-Secure Community
    πŸ” Strengthening digital security through knowledge and collaboration
    🌐 Explore our User Guides | Knowledge Base for self-help resources
    πŸ’» Empower yourself with Cybersecurity Insights and protect what matters

  • TVC15
    TVC15 Posts: 108 Adventurer

    @Firmy thank you for checking into this, and for engineers confirming it was a FP.

    Cheers :)

  • Mullvad_fan
    Mullvad_fan Posts: 2 New Member

    Hi, I too have this problem. In the last week 2 updates of Mullvad Browser are 'blocked': the file mullvadbrowser.exe is in quarantaine. Infection: Drop.Win64.MemMapSelf.214 and …222. I can't believe the file is dangerous. I uninstalled en re-installed, updated from within the app, but the result is the same: I can't use Mullvad Browser anymore.

  • TVC15
    TVC15 Posts: 108 Adventurer
    edited March 31

    You'll probably need to add it into Exclusions, as someone else on a different forum mentioned the same thing. It was okay for awhile, then I guess the update caused F-Secure to flag it and quarantine it again.

    https://help.f-secure.com/product.html?home/total-windows/latest/en/task_13205052E3D44C44BA2491A55A7F818F-latest-en

    Or, you could do the same thing I did, and report it as a FP from here.

    https://www.f-secure.com/en/support/submit-a-sample

    Kind regards.