Imunify360 flagging oembed json files as malware

[MattW]

Just wanted to share this, incase anyone else is running on servers or running servers with Imunify360.

I've got a support ticket open with them currently, as their malware scanner is picking up contents in the oembed json files specifically for the legacy instagram links and performing the configured option (in my case, removing the infected content).

I've sent them all the specific details and examples of files over, and they are currently investigating.

 

[MattW]

Update:

Greetings.

Dear Matt, as a temporary measure, we have updated the signature, so that it doesn't act on these detections. An additional signature has been added, which will still detect these cases but the files will not get deleted and instead be flagged as suspicious.

The changes should reflect globally to all our customers by 12 May 2022. I hope it will be an acceptable solution for such cases.

Please, let us know if you have any other questions. We are always ready to help.
Kind Regards,