Unable to download Crytomator 1.5.1 from cloudfront.net (blocked by Malwarebytes)

Hi, I try to download Crytomator 1.5.1 for Windows 10 from the website, but it was blocked by Malwarebytes which regard browser (chrome) download file from cloudfront.net as suspicious of Trojan:

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0

-Website Data-
Category: Trojan
Domain: d29vzk4ow07wi7.cloudfront.net
IP Address:
Port: 443
Type: Outbound
File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

I failed to bypass this blocking. I finally give up and go to github to downloaded 1.5.1 instead.

Although it seem more likely a false alarm of Malwarebytes, I still believe malware protection is necessary, so please consider using other download services that could pass scanning from Malwarebytes and other Antivirus.

Thank you.

From which site did you start the download?

I have clicked hyperlink displayed on Crytomator 1.5.0 (win 64) check update.
It open https://cryptomator.org/downloads/ on chrome.
Then click the Download button, it go to URL below (I copied from chrome history):

It was blocked by MalwareBytes immediately. Even I select skip this warning, next request is still blocked. When I skip again it just go to the first URL and so on.

I like to ask for another issue, I like to verify download from Github, but it is difficult using gpg to verify when I could not have obtain the public key. Any easier way e.g. also post SHA-256 of file.

Thanks and regards,

I wasn’t aware that Bintray (our binary hoster) uses Amazon’s CDN.

Is your anti malware tool having a problem with cloudfront domain? Or is it the exe in particular?

You should see the SHA-256 below the download notification:

Bildschirmfoto 2020-04-23 um 09.08.11

I could not open that download page which has been blocked.

I see. Well I don’t know how a domain can be a trojan. But I guess downloading via GitHub is then your only other option.

I think it is the whole URL that not accepted by Malwarebytes.

Please advise location of Public key for verification of files in Github.

So you can access https://d29vzk4ow07wi7.cloudfront.net/ in your browser?

Public key still has to be added to the website (we forgot that during the redesign)… see:

You can find it in the meantime here:

Thank you. I can import the public key and successfully verify files downloaded from github.