Open fxdeniz opened 1 year ago
I reached to SecureAge (4th of September) via their false positive reporting page
And within same day, I received this reply which says they will remove false positive detections.
Also, I sent e-mail to fpreport@bkav.com and bkav@bkav.com in september 4
but still no response
Today, I released the version 1.8.1
I reached to all of the vendors. Again, clearing false positives for new installer.
NeSync uses NSIS as a installer on Windows. And, antiviruses Bkav Pro and SecureAge flag exe files based on NSIS as a virus.
Detection names: Bkav Pro:
W32.AIDetectMalware
SecureAge:Malicious
Gridinsoft:Ransom.Win32.Wacatac.oa!s1
VirusTotal result for version 1.8.1 installer
VirusTotal result for version 1.8.0 installer
VirusTotal result for version 1.7.0 installer
From detection names, we can conclude that, detections are machine learning based. Both, Bkav Pro and SecureAge APEX are advertised for their AI capabilities. However, this is a false positive.
Update: Starting from september 6, Gridinsoft also marks installers for versions 1.8.x marks as malware.
To solve this issue, I'll communicate with two vendors.