dist version has been detected as malware

marcocesarato / PHP-Antimalware-Scanner

AMWScan (PHP Antimalware Scanner) is a free tool to scan php files and analyze your project to find any malicious code inside it.

https://marcocesarato.github.io/PHP-Antimalware-Scanner/

GNU General Public License v3.0

644 stars 108 forks source link

dist version has been detected as malware #100

Open elmarbransch opened 8 months ago

elmarbransch commented 8 months ago

The downloadable version in the dist folder has been detected by clamav as malware.

If you look into the file, there are nearly 300 lines of code in the beginning that look suspicious. It might only download patterns and other necessary stuff with this section - it did not reverse engineered it...

I was only informed by our ISP about this finding - it did not scan myself and thus cannot provide the details at this time.

Is this a known issue?

thanks

marcocesarato commented 8 months ago

Thank you for bringing this to my attention. I understand your concern regarding the detection of malware in the downloadable version of the code. The detection you're experiencing is a false positive, as it's not uncommon for certain antivirus programs to flag legitimate code as suspicious due to patterns or behaviors that resemble malware.

arjhun commented 3 weeks ago

windows defender also detects the downloadable release as a PHP:backdoor