Found a Virus when i downloaded the repo

Enigmatic-Mind / Monroy_Template_Vault

An Obsidian vault that provides a detailed walkthrough of both core and community plugins in Obsidian, along with a GTD (Getting Things Done) influenced project management system, to help both new and experienced users enhance their productivity.

43 stars 5 forks source link

Found a Virus when i downloaded the repo #2

Open sohamxz opened 8 months ago

sohamxz commented 8 months ago

Yeah So i am not sure but i found a "Wacatac.B!ml Trojan" The moment it infects your system, it puts you at risk for identity theft, data infection, and financial loss. Further, it will drain m GG2tsL4awAA3Vge any resources in the background without your knowledge

Enigmatic-Mind commented 8 months ago

@sohamxz what antivirus software did you use? I'll try replicating it on my windows computer to see which community plug-in its coming from or if its a false alarm.

Enigmatic-Mind commented 8 months ago

@sohamxz windows defender isn't finding anything; I have the vault zipped and unzipped as you can see on the left. Can you tell me more about which anti-virus software you are using, and what setting you have set for the scan if possible? threat scan

I am also currently running sophos home premium to see if it detects anything.

Enigmatic-Mind commented 8 months ago

I rescanned with windows defender (just the downloads folder) and with the Sophos Home Premium antivirus (my university gives free access), but nothing was found: threat scan 3

sohamxz commented 8 months ago

Yeah So i have Malwarebytes premium and windows defender , So when ever i am trying to download the vault from GitHub as a zip file , I tried it like 5 times getting same Trojan So to check it wasn't the problem in my end or IDM or GitHub related i tried to downloaded "https://github.com/kepano/kepano-obsidian" which is kepanao's Obsidian Template Vault
which got downloaded without a problem or any Virus | Malware | Trojan All these are failed IDM Download logs , Which got interrupted due to the Antivirus. I didnt want to compromise the System So i didnt "Allow" the file to open !, So i could not run it in VirusTotal for Scan.

Enigmatic-Mind commented 8 months ago

I downloaded malwarebytes premium (trial), and it did not detect anything.

Here are a few scenarios I can think of:

Is your windows up to date? This could be a false positive.
The only code I introduced is in the scripts folder (script_one.js and script_two.js). I did use ChatGPT to help write these, so maybe windows defender is detecting these because they are scripts and written by an ML?
One of the community plug-ins has a virus, which would be pretty serious and important to the obsidian community.

I can create a branch from the main without the script folder and see if that changes anything. Everything else is just md files, images, and community plug-ins.

Let me now how you want to proceed. Thanks for bring this up and helping debug this.

threat scan 4