02-28-2023 12:31 PM
Hi
Our app, Radioplayer v6.6, has been tagged by Cortex XDR as malware.
Please whitelist it.
We're a reputable non-profit company: https://www.radioplayer.org
02-28-2023 01:23 PM
Hello,
Please provide the requested information in the format that is outlined in the pinned thread at the top of this forum.
https://live.paloaltonetworks.com/t5/virustotal/virustotal-verdict-change-request-for-false-positive...
02-28-2023 01:29 PM
I had a similar instance with the Spectrum App.
I would recommend to go to the Cortex XDR tenant and find this specific incident. Locate the WildFire information and identify the action/behavior that triggered that verdict.
In the case of the Spectrum mobile app, I downloaded the WildFire report from Cortex XDR and found out that this app was trying to contact a fishy URL. The URL had no information and was potentially malicious (VirusTotal was inconclusive, I think; I can't remember). It could have been just a brand-new domain, which could also trigger URL filtering to flag it as malicious.
Example of another similar incident:
02-28-2023 01:32 PM
Info given in screenshots posted above.
App hash: f80297408af811666d54e5305accd9b27cbf0713097014a94f91c3ac7d6d16a1
Signature hash: f2782f7234b6091b1693bbeedffacc45
Link to Virustotal report for the file: unknown
Current VirusTotal Verdict: Malware
Description: see screenshots
02-28-2023 01:35 PM
Thank you.
Unfortunately, I don't know what this means:
I would recommend to go to the Cortex XDR tenant
02-28-2023 01:42 PM
Gotcha, no problem. Whoever installed the Cortex XDR agent on your device, perhaps your IT department or your managed services provider, etc., would know.
That is the central point of intelligence for your Cortex XDR deployment. Your Cortex XDR agent is connected to it and sends information to this central location and this central location sends information back to your device as well as instructions.
Your Cortex XDR / IT / Security team could also report the verdict as incorrect as follows:
I would first take a look at the previously mentioned WildFire report to get a concrete idea of what triggered this verdict. This is potentially something that the developers of the Radioplayer app will find useful and will address.