Trojan in one little designer stack

(P J Cousin) #1

I downloaded “Webfont Helper - RapidWeaver Stack” from one little designer, a freebe offered to their client, this stack contain a trojan: Trojan.GenericKD.41405802 in source-san-pro-v12-latin.svg.
Bitdefender detected it and got rid of it


(Thomas Roegner) #2


(P J Cousin) #3

I do not have Twitter, so I cannot read your answer, could you do it normally in the forum?



(Doug Bennett) #4

Using the @ isn’t a reference to Twitter, it’s tagging someone else on the forum to draw their attention to the post.

(Thomas Roegner) #5

Thanks Doug,

just wanted to answer…

(P J Cousin) #6

I scanned the zip file with virus total: 3 trojan found and some adware; it looks like Windows viruses, possibly picked up when gathering the fonts?
Anyway, not very nice!


(Jon Meadows) #7

We were notified of the infected files and have replaced the those font files. An update was also released as a fix for anyone who downloaded the stack before the files were replaced. As stated before these viruses target the Windows operating system and are not likely to do any harm, however it is completely unacceptable for any of our products free or otherwise to contain such files and greater care will be taken in the the future when we gather files from external sources.

Specifically the Source Sans Pro (300 and 900 font weight) svg files were infected. The files were obtained directly from Google Fonts. We checked and Google Fonts is indeed serving infected font files : /

(Rob Beattie) #8

Thanks. How does one know if you have the update? I currently have 1.0.0 installed and RW isn’t showing that an update is available.


(Jon Meadows) #9

Hello Rob,

Not completley sure what happened but the update notification seems to be working as of this morning.

(Rob Beattie) #10

Thanks Jon. The update landed safely this morning.


(Angel Ars) #11

We are not seeing a update to this stack.

What is the process to update it manually?

Will the version number be different?

(system) #12

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.