search

fabulouspanda / MacMiner

The first native Mac GUI for Bitcoin, Litecoin and Alt Coin mining
http://macminer.fabulouspanda.com/
216 stars 72 forks source link

Virus warning #12

Open haojp opened 7 years ago

haojp commented 7 years ago

OSX.Trojan.Gen

fabulouspanda commented 7 years ago

This is a false positive that is very common with bitcoin miners, as how if you have google safe browsing turned on in safari it warns you about the official cgminer page here http://ck.kolivas.org/apps/cgminer/

google bfgminer virus

If you're still worried that the binaries are viruses, you can always delete them without executing them and compile bfgminer/cgminer yourself from their repos. That's kind of the point of open sourcing the code.

haojp commented 7 years ago

The site ahead contains harmful programs

Attackers on ck.kolivas.org might attempt to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit). Learn more

Automatically send some system information and page content to Google to help detect dangerous apps and sites. Privacy policy HIDE DETAILS Google Safe Browsing recently found harmful programs on ck.kolivas.org.

If you understand the risks to your security, you may visit this site before the harmful programs have been removed.

fabulouspanda commented 7 years ago

Yes, that's a google safe browsing warning. But cgminer has been around even longer than MacMiner (cgminer is a dependency of MacMiner) and that's not a virus either. And I quote from a previously raised, still open issue on this point you seem to have missed:

"However I sent the files over to ClamXav themselves to check over on Friday and they came back Monday saying they can't be certain they have Trojan's, they just see a lot of them in mining software."

People who distribute malware sometimes include miners to make money, this results in miners being false flagged by antivirus software.

github-ptaylor commented 6 years ago

Hi Fabulous Panda

I also received (5) warnings of blocked threats while on your website, downloading MacMiner.

You can view the screenshot which shows the specific files that are reported as infected:

screen shot 2017-11-16 at 2 52 42 pm

Sincerely, Patrick

github-ptaylor commented 6 years ago

Update

I scanned the entire zip file and (18) infected files were found, screen shot attached.

screen shot 2017-11-16 at 3 16 17 pm

fabulouspanda commented 6 years ago

They're not viruses, if you ask avast about it they're probably going to tell you they aren't sure they're viruses either but they flag them because miners are often used in malicious software. There's not really anything I can do about this.

winkelsdorf commented 6 years ago

@github-ptaylor But you see that in your screenshot the "infections" are clearly flagged as [Tool] and [PUP] (= Potentially unwanted program)?

A Tool or a PUP (https://en.wikipedia.org/wiki/Potentially_unwanted_program) may be installed together with a Trojan/Virus, but is no Trojan/Virus itself.

If you are the one installing it, it is clearly not "unwanted".

That's why Anti-Virus products have whitelists where you can add something to.