edrlab
Thorium Reader is identifed and detected as a malicious file
The latest version of Thorium Reader is identified and detected as a malicious file which erodes confidence is using the app. While it is entirely possible that it may be a false positive, users may be discouraged to use it.
Hello, thank you for your feedback. The file you tested is the application installer, which (I suspect) does more than the actual application during its normal operation. That being said, I see that the report also includes information I recognise from Thorium's normal runtime (all of which is open source), so the testing tool seems to also launch Thorium (at least the library window). It would be interesting to test other well-known / well-trusted Electron applications to see if the "malicious" flag is also raised :)
Thanks. There doesn't appear to be a portable version that only includes the executable. Having tested a well-known/trusted Electron app, it isn't identified as malicious in the same way Thorium Reader is. Since many users won't have the experience or skills to review or compile the source code, it would be beneficial for EDR Lab to look into making changes that don't indicate malware like behavior.