search

netbirdio / netbird

Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.
https://netbird.io
BSD 3-Clause "New" or "Revised" License
10.55k stars 473 forks source link

Bitdefender marks netbird.exe as cryptomining app #2457

Open tomashora opened 3 weeks ago

tomashora commented 3 weeks ago

Describe the problem

Bitdefender thinks that netbird.exe is trying to mine crypto. Threat name: Gen:Miner.Kenari.BitcoinCore.@N2@bGtE44 This happens firs time when the installation proces executes netbird service install but Bitdefender detects cryptomining activity at all netbird commands (netbird status, atc...).

This does not happen when installing previous versions - tested on 0.28.7 without being marked as crypto mine on the same Bitdefender definitions.

Bitdefender definitions in screenshot below.

To Reproduce

Steps to reproduce the behavior:

  1. Install Bitdefender Total Security
  2. Install Netbird 0.28.8
  3. Bitdefender automatically puts netbird.exe into Quarantine

Expected behavior

Netbird is installed correctly withtout being marked as a security threat

Are you using NetBird Cloud?

Unrelated - self-hosted

NetBird version

0.28.8

NetBird status -dA output:

N/A

Do you face any (non-mobile) client issues?

N/A

Screenshots image

image

Additional context

N/A

tomashora commented 3 weeks ago

Reported to Bitdefender Malware Lab as well and should have reply within 72hours.

mlsmaycon commented 3 weeks ago

Thanks for reporting this, @tomashora. We will look into Bitdefender white listing the programs so that we can always push our binaries for analysis.

lymington commented 2 weeks ago

New user - trying to download connector for Windows - Bitdefender still blocking (despite adding as exception) - 0.28.9

tomashora commented 2 weeks ago

@lymington Set the cryptomining protection to only detect activities

mlsmaycon commented 2 weeks ago

@tomashora we still got no response from Bitdefender on the partner program. Did you received anything from them on your submission?

tomashora commented 2 weeks ago

@tomashora we still got no response from Bitdefender on the partner program. Did you received anything from them on your submission?

@mlsmaycon they did not react on the first message so I asked them again and got response from then 2 days ago that they sent it to Malware Research Team for analysis purposes and will let me know once it's done.

I will post a comment to this issue once I have more information.

mlsmaycon commented 2 weeks ago

Thanks for the update

tomashora commented 1 week ago

Today's update from Bitdefender support:

Our Malware Research Team has finished analyzing your case.

The file is clean and detection should be removed in the next couple of updates.

tomashora commented 3 days ago

Seems to be fixed after updating netbird to 0.29.0. Bitdefender has not yet fixed the issue with netbird version 0.28.8