BitDefender finding a lot of infected files in Safari's core folders--coincidence?

Yesterday I updated Safari to version 16.6 (with Monterey installed as the OS, not Ventura). Later that day BitDefender notified me that a number of files had to be quarantined. They were all listed as trojan horses. Furthermore, every single file that was quarantined was in one of two folders:

  • ~/Library/Containers/com.apple.safari/Data/Library/Caches/com.apple.safari/WebkitCache/Version 16/blobs
  • ~/Library/Containers/com.apple.safari/Data/Library/Caches/com.apple.safari/WebkitCache/Version 16/Records

In each case the threat is JS:Trojan.Cryxos.12423.

Here's the thing: I've been running BitDefender for a long time and it has never found anything in the past. Maybe it's just a coincidence that it happened to find an issue after I installed Safari version 16.6. And maybe it's a further coincidence that the questionable files are all in a directory devoted to Safari.

However, considering all these pieces of information, I can't help but wonder if there is a connection and I'm curious if anyone has any thoughts.

For context, I'm using a 2020 MacBook Air M1 (I also updated to Ventura yesterday).

Best Answer

  • Gjoksi (Defender of the month, mod)
    Answer ✓

    Hello.

    I think that the best option for you is to contact Bitdefender Consumer Support, as the support engineers could take a deeper look at the issue, so do the steps below.

    First, take screenshot(s) of the issue,

    create a log file on your MacOS device using BDProfiler, by following these steps:

    and

    create a log file on your MacOS device using BDsysLog, by following these steps:

    Next, contact Bitdefender Consumer Support by e-mail:

    with a short description of the issue.

    After that, you will get an automated reply by the Bitdefender Customer Care Team, with your ticket number.

    Now, in reply to that automated reply, you can send the screenshot(s) you already took and the log files you already created in the first step.

    Since you are all done, just wait for the support engineers to investigate your issue and find a solution to fix the issue.

    Remember that the screenshot(s) and the log files will help the support engineers a lot in investigating your issue better and faster and in finding a solution.

    Regards.

Answers

  • One point of clarification: BitDefender is finding threats in those directories on a regular basis--i.e., this was not a one-off instance. As I mentioned, before installing Safari 16.6, BitDefender literally never found anything on my computer, but now it's finding threats only in those directories on a regular basis.

  • Thank you, I can't help but wonder if these are false positives--I will get in touch with support and I will follow the steps you outlined.