search

deeponion / deeponion-legacy

Official Source Repo for DeepOnion - Anonymous Cryptocurrency on TOR Network (legacy)
https://deeponion.org
MIT License
415 stars 113 forks source link

Bug in DeepOnion Windows App as Windows Defender Detects a Trojan in the Installation Pack. #62

Closed dubemjerry closed 6 years ago

dubemjerry commented 6 years ago

Expected behavior

DeepOnion is an open source project running an anonymous and 100% untraceable cryptocurrency sent through the TOR network, has a link provided in its website meant for downloading and installing its app in Windows, Mac and Linus powered systems, users are expected to get the app in installed in their system before they will create and or run an account in the program. The 11.1Mb compressed file for Windows is expected to unzip and installation starts till completion.

Actual behavior

On downloading the app through the link provided in the in https://deeponion.org, I tried to unzip and install the app but could not because an error message displays once the compressed file extracts and a threat report is displayed by my windows defender. The details of the threat shows that there are two files Windows Defenders see as harmful. After the threat warning, installation of the app will not run again.

How to reproduce

To reproduce the error: Download the windows app named Window Wallet V1.5.1 from the website. Open the zipped folder to extract the app installer Click to open the installation file named DeepOnion-qt.exe

Recording Of The Bug

If the bug can be recorded on screen, please provide a short video or an animated GIF, otherwise delete this section. deepon.PNG deep.PNG deepo.PNG extr.PNG error deep.PNG threat 1.PNG threat.PNG


Posted on Utopian.io - Rewarding Open Source Contributors

brakmic commented 6 years ago

Thanks for your report.

However, on our website there isn't v1.5.1 but 1.5.5

Maybe the older version you downloaded was incorrectly blacklisted by your scanner. This too could happen to harmless software if there are routines that call certain System APIs or run other packages, like we do with Tor.

dubemjerry commented 6 years ago

Even till now v1.5.1 is still the labeling of the app form windows on your website.

Thanks

On Sun, Feb 11, 2018 at 9:39 AM, Harris Brakmić notifications@github.com wrote:

Thanks for your report.

However, on our website there isn't v1.5.1 but 1.5.5

Maybe the older version you downloaded was incorrectly blacklisted by your scanner. This too could happen to harmless software if there are routines that call certain System APIs or run other packages, like we do with Tor .

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/deeponion/deeponion/issues/62#issuecomment-364734029, or mute the thread https://github.com/notifications/unsubscribe-auth/AfyGab1i9VNaPPETJ2-is9EiWOvy-GDtks5tTqcrgaJpZM4SBO3J .

brakmic commented 6 years ago

When I go to our website I see 1.5.5 there. Also the binary. I do not understand what you mean. Anyway, the problem here is that some malware scanners recognize our binaries as "virus" or "trojan". This, of course, isn't the case and we try hard to make all of them "happy". However, we simply don't have enough resources to make all of them happy with our software.

But you can use our DeepVault feature to check the binary you download. The DeepVault address is below the download links.