So I ordered a custom request from a seller and he delivered what I requested. But as an added bonus for no reason, he sent me a publish.zip file which he told me to “plz uncompress the folder”. Of course I did not suspect anything given his high ratings on fiverr. I clicked on it and immediately, Google Chrome
has labeled it malicious and has blocked it. I did not do any more extensive scanning on the file.

[File removed due to name]

Please see screenshot as evidence.

As a seller myself, I would find it highly unlikely that any seller, for any reason, would knowingly send a malicious file. Moreover, if someone was to do so intentionally, I highly doubt that they would do so in such an obvious way. My personal feeling here, is that if you have received a malicious file from a seller, it is likely by accident.

As for how this could happen, sellers like me receive and send files all the time on Fiverr, so it’s not difficult to imagine that one or a few of us could unwittingly distribute something malicious at some point. In fact, I use Linux. In this case, my computer will never be affected if I receive virus via a malicious file. However, it would still be possible for me to pass such a virus on to a Windows computer without realizing.

Best practice in this case, is to always scan any received files prior to opening them. Also, in your specific case, I would contact the seller in order to ask why they sent you this file and explain your concerns.

I hope this helps.

Just because you use Linux doesn’t mean you can’t get infected by a virus, that’s an old wives tale, your system is only as secure as the person using it! Plenty of noobs use Linux or OSX and think they can’t get infected, it’s the complete opposite, plenty of vulnerabilities, for example a noob using Linux browses with say Firefox and still has Flash, Java or WebRTC enabled, even the greenest of script kiddie hackers could exploit any one of those within a few minutes and oops there’s goes your bank account or identity…
Knowledge is power, ignorance is suicide.

I’m actually very aware of what vulnerabilities exist in linux and do take full precautions. However, I did not mean to sound superior to anyone using Windows, I was just attempting to highlight how the situation mentioned above could very easily occur and why it is important to scan all files received over Fiverr in order to help avert having a computer compromised either on purpose or accidentally. My apologies if there was any confusion in this regard.

All gd, just pointing out the facts, I argue with too many noobs who think they’re safe using a Linux box or a Mac straight out of the box and don’t even both to harden them further, 9.999999/10 it’s always the browser and the individual using it that will infect the device, yet of course they will always cry hacker when it happens, LOL