Windows Security reporting trojan virus on Altus v5

amanharwara / altus

Desktop client for WhatsApp Web with themes, notifications and multiple account support

GNU General Public License v3.0

457 stars 65 forks source link

Windows Security reporting trojan virus on Altus v5 #273

Closed cobrabr closed 5 months ago

cobrabr commented 5 months ago

Describe the bug Altus v5's executable is being reported as a trojan (Trojan:Script/Wacatac.B!ml) by Windows Security.

To Reproduce Steps to reproduce the behavior:

Install Altus v5.
Run it.

Screenshots

Information: Version Info (Go to About > About and click "Copy Version Info"): Can't open it, since Windows quarantines the executable.

cobrabr commented 5 months ago

Any news on this?

amanharwara commented 5 months ago

This is most likely a false positive. The release is automatically built and uploaded using CI. If you look at the VirusTotal result for this, nothing shows up https://www.virustotal.com/gui/file/53cba1eb694a591855435b575b29eda24f1a3e2c45d3664dd39065a178bb7e5c

cobrabr commented 5 months ago

Right, but that's the setup EXE, not the actual app EXE. Scanning the actual Altus.exe file on VirusTotal does show a virus: https://www.virustotal.com/gui/file/00ea166dddce35d8235464c7719fc40bccc6abbc8960577599833305bdf2bb38

amanharwara commented 5 months ago

Your concern is totally understandable, but 1 out of 63 seems like it's probably a false positive. If that is too much of a risk for your threat model, consider running it directly from the source by cloning the repo locally and compiling it yourself. I try to make sure, to the best of my ability, that any sort of dependency I use is actually safe.