cogentcore
Trojan detected? (Wacatac.B!ml)
Describe the bug
The core binary was flagged as a Trojan and moved to quarantine by MS Defender
How to reproduce
This might be a false positive (my first time using Cogent Core), but didn't see mention of it with a quick search.
Performed the install steps outlined here: https://www.cogentcore.org/core/install#windows
Using go 1.23.4 Portable version of git-bash (with PATH set to find binaries)
The go install completed successfully, I updated my PATH to find the core binary, and restarted my terminal. I issued the core setup and Defender flagged the binary as Trojan/Win32:Wacatac.B!ml:
Example code
Relevant output
Platform
Windows
Thank you for reporting this. It is unclear why Windows thinks it is a trojan (it is not as you can see from the source code); the !ml likely means machine learning as discussed in various threads like this one, so it is a false positive from some algorithm. The most likely case is that Windows is misinterpreting the privileged installation steps that core setup does.
I will look into ways to fix this later, such as submitting the file to Microsoft or deploying it as a signed app, but in the meantime you can just manually install the necessary dependencies instead (because you already have Git Bash, you should only need https://github.com/skeeto/w64devkit from their releases tab).
Please let me know if you have any questions. I will leave this issue open until we take steps to reduce the chance of false positives. If anyone else has this issue, please let us know here.
Microsoft SmartScreen is not reliable technology.
The many users mark it as false-positive the faster the SmartScreen will recognize the core as good software.
Otherwise it will be hell hard to find solution.
As an option a new compiler tool set might be chosen as a default one.
