Is SimpleWall Firewall tool compromised?

Posted on 2025-03-04 by guenni

Stop - Pixabay[German]A short warning to the readers of this blog who use SimpleWall as a firewall or tool for configuring the Windows Filtering Platform. A reader has informed me that the software has probably been hacked. I didn't found a proof, but there is a fact: The developer has archived the repository and is no longer developing it since then. In addition, a fake "simplewall" page has also appeared that aims to lure unsuspecting users.

Advertising

What is SimpleWall?

The free SimpleWall software is an extension that can be used as a supplement to the standard firewall used in Windows. The developer describes it as: Simple Windows Filtering Platform (WFP) configuration tool that can configure network activity on your computer.

SimpleWall

SimpleWall allows users to control all Internet traffic. Thanks to the clearly structured SimpleWall user interface, the set of rules is easy to configure.

Repository archived since Feb. 19, 2025

The developer runs this GitHub site on which SimpleWall is provided. A list of all features can also be viewed there. However, a banner appears on the GitHub page with the message "This repository has been archived by the owner on Feb 19, 2025. It is now read-only."

I have not found a reason for this on GitHub. The Simplewall Has Been Discontinued thread has been on Hacker News for a week, which assumes that development has been discontinued.

Advertising

Has SimpleWall been hacked?

A German blog reader contacte me the other day (thanks) and wrote: "The website of the excellent 'simplewall' open-source firewall for Windows has been hacked. The operator has write-protected the GitHub repo on 02/19/2025."

The reader said it might be worth a warning as there is no real alternative (open-source, lightweight, donation-funded with similar functionality and always evolving) on Windows. However, when skimming the GitHub page, I couldn't find anything about a hack and no explanation about the reason why the repository was archived.

Anyone using the software should perform hash and especially GPG verification for downloads. The Pubkey is also hosted externally(!).

New fake website

While writing this post, I also noticed a page with the URL simplewall[.]org.

FakeSeite zu SimpleWall

Here too, the blog reader pointed out to me that it was a fake page. The bug tracker refers to this problem in the entry Phishing website claiming to be Simplewall #1954.

Advertising
This entry was posted in Security, Software, Windows and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).