Open Ghasak opened 2 years ago
Same happened to me, what a shame! Was really looking forward to this Helium replacement. Please purge the Malware!!!
The malicious SHA is a0c461c94ba9f1573c7253666d218b3343d24bfa5d8ef270ee9bc74b7856e492
.
This SHA points to https://www.cisa.gov/uscert/ncas/analysis-reports/ar21-048d and something called Kupay Wallet.
Here are the details of https://github.com/kamranahmedse/pennywise/releases/download/v0.8.0/Pennywise-0.8.0.dmg
uploaded to www.virustotal.com
(various Anti Virus engines used)
Because of the extremely low number of detections I'm pretty confident that this is a false positive. Another sign for false positive: There has been some crypto-stealing malware making the news recently which was also named pennywise (totally unrelated to this software).
What is the current behavior? Maleware detected!, An infected file "Pennywise.app" was detected on your Mac. A backdoor for this application, which is super dangerous.
Expected behavior
URL attempting to access
Screenshots (Optional But May Be Requested)
Pennywise Version: following exactly the brew install
brew install --cask pennywise
==> Downloading https://github.com/kamranahmedse/pennywise/releases/download/v0.8.0/Pennywise-0.8.0.dmg
OS / OS Version: macOS Monterey version 12.4