stripe-cli icon indicating copy to clipboard operation
stripe-cli copied to clipboard

Published 20 hours ago verified publisher icon stripe

Windows detects the Stripe CLI as a virus/trojan

Open tomer-stripe opened this issue 3 years ago • 17 comments

Windows anti-virus scanners will occasionally flag the Stripe CLI as containing a virus or trojan. This is very likely a false positive. We upload the binary to VirusTotal on every new release for analysis but anti-virus software will occasionally get tripped up by compiled Go binaries: https://golang.org/doc/faq#virus

We've been working to resolve this for months but have not been able to find a permanent solution yet.

If you have any concerns please let us know here.

tomer-stripe avatar Jun 16 '21 20:06 tomer-stripe

Hi, Are there any alternative method for download Stripe CLI, still Windows detects the Stripe CLI as a virus/trojan

Randima-Lahiru avatar Nov 04 '21 06:11 Randima-Lahiru

Hey @Randima-Lahiru! The downloading process itself is not the problem, it's the actual compiled binary. You could try cloning the source and compiling it locally to see if that helps but there might be some weird behaviors there as you'd be running it in "dev mode"

tomer-stripe avatar Nov 08 '21 16:11 tomer-stripe

Downloading is now also a problem, it seems like the CLI is also being tagged as malicious by Chrome as well

gracegoo-stripe avatar Jun 10 '22 21:06 gracegoo-stripe

Actually, I think it's still the windows defender that is blocking the downloading, not chrome

gracegoo-stripe avatar Jun 10 '22 21:06 gracegoo-stripe

scoop will not allow it to install either.

justinasmussen avatar Jun 15 '22 09:06 justinasmussen

Ah, righto this is all very interesting.

Not sure if this helps but on Thursday the x86-64 version was marked as containing a virus and then on Friday it was the i386 version.

I don't think any of the ZIP files changed in any way. Should we engage with the Microsoft Defender team to help get some logs or information that could help?

What build image is used to generate the Zip and/or the build process? Could there be something in that? Maybe changing operating versions? I noticed there was a commit that was a part of moving away from Bitnami, something there perhaps? When I get some time I'll clone the repo and see if I can reproduce it locally on my Windows 11 machine. Is it Windows 11?

clintonrocksmith avatar Jun 17 '22 21:06 clintonrocksmith

I'd like to bump this as it pretty much halts the development for one of my projects, at least with this payment processor. Telling my SysAdmin "Trust me, this isn't a virus" doesn't exactly fly when both Chrome and Windows flagged it as such. At least the checksum matches.

iNetDaniel avatar Jun 28 '23 15:06 iNetDaniel

Despite this being closed...I see that the exe is not digitally signed so Windows does continue to warn. Stripe being such a big company, why are they not spending little time/effort to fix this problem?

ptpavankumar-verdicode avatar Dec 03 '23 02:12 ptpavankumar-verdicode

The app is still unsigned as of March 2024, but is no longer reported as a virus. Adding a firewall and running it in a sandboxed machine is overkill for this sort of task.

Raven0us avatar Mar 26 '24 07:03 Raven0us

Same problem here

sovetski avatar May 04 '24 15:05 sovetski