webtorrent-desktop icon indicating copy to clipboard operation
webtorrent-desktop copied to clipboard

Published 20 hours ago verified publisher icon webtorrent

11 antivirus engines work on the installer.

Open AndreyDedov opened this issue 2 years ago • 7 comments

v0.24.0

Windows 10

https://www.virustotal.com/gui/file/08b97a6a4b5999bd0f0c2f0eb368eb938a16c373999b672db24ea89664d35714

Expected virus-free software lol!

NO!

AndreyDedov avatar Jun 23 '22 09:06 AndreyDedov

yes, I want to add this app to winget. But, it got flagged as a PUP. Is this false alarm? image

dtantono avatar Jul 23 '22 03:07 dtantono

Antivirus software works on heuristics -- it tries to identify malware based on patterns. For reasons you could probably divine, malware sometimes distributes payloads and updates through peer to peer means.

Webtorrent Desktop is open source, so if you have any hesitations, feel free to inspect the code it runs and verify the AV categorization. Unless you have a specific accuation, please close the issue.

SamTwining avatar Jul 23 '22 03:07 SamTwining

Antivirus software works on heuristics -- it tries to identify malware based on patterns. For reasons you could probably divine, malware sometimes distributes payloads and updates through peer to peer means.

Webtorrent Desktop is open source, so if you have any hesitations, feel free to inspect the code it runs and verify the AV categorization. Unless you have a specific accuation, please close the issue.

I still have doubts about false positives because the last release v0.24.0 is virustotal clean https://www.virustotal.com/gui/file/4e908c53f6ffdd5b4dd9a92800816f7ab1cb20669aef17eca1041b87885f71c5

AndreyDedov avatar Jul 23 '22 03:07 AndreyDedov

I still have doubts about false positives because the last release v0.24.0 is virustotal clean https://www.virustotal.com/gui/file/4e908c53f6ffdd5b4dd9a92800816f7ab1cb20669aef17eca1041b87885f71c5

I'm not an active developer of this repository but I've cloned the repo and will be inspecting it -- If you have evidence of malicious code then by all means, please submit it for review. This is a popular repo with dozens of contributors, so the likelihood of something being overtly malicious within the codebase is not impossible but at least unlikely, or highly conspiratorial.

If you don't have something to present other than the false positive, please close this issue until you do.

SamTwining avatar Jul 23 '22 03:07 SamTwining

I did some testing on a clean Virtualbox VM and i cannot find any traces of Adware, however it might be blocked by a strict host system wide DNS or it did not run because it detected a VM.

WinGet does not manually approve False Positives, contact the AV's to get it unflagged or remove the malicious code which might have gotten implemented in version 0.24.0.

Since its 2 years since the last release, would there be any changes in a new compile?

OfficialEsco avatar Jul 23 '22 09:07 OfficialEsco

  • 213.34.163.254:5023 *178.255.168.117:8621 https://www.abuseipdb.com/check/178.255.168.117 https://www.abuseipdb.com/check/213.34.163.254 Definitely bad ip.

AndreyDedov avatar Jul 23 '22 10:07 AndreyDedov

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?

github-actions[bot] avatar Sep 21 '22 12:09 github-actions[bot]