python-discord / meta

Issue tracker for suggestions and other questions relating to our community
https://pythondiscord.com

Filter *.exe Uploads #16

Closed pydis-bot closed 4 years ago

pydis-bot commented 5 years ago

Originally posted by sco1:

In light of today's trojan upload to #show-your-projects I'd like to propose that, for security reasons, *.exe uploads automatically be deleted by Python, with an accompanying request that the source be provided instead.

For context:

yikes

pydis-bot commented 5 years ago

Comment from Chris Goes:

+1 this, though maybe with a list of extensions that are executable on various platforms, like .app. Also, someone mentioned that it doesn't matter what the extension is. Yes, true, but on Windows extensions matter, so if someone names their Trojan something.txt, then they're obviously trying to be malicious, and a different mechanism should be used to deal with those cases.

pydis-bot commented 5 years ago

Comment from Chris Goes:

To deal with malicious uploads, I propose a cog that automatically scans any attachments using VirusTotal. If an attachment is found to be malicious, it's automatically deleted, and a report is filed in mod-alerts including an @everyone mention to alert the staff team to the situation. To start, we could block anything that has a hit on VirusTotal. If that proves to be too strict (many AV providers are notorious for false positives), then we could tune it until we hit a margin that provides acceptable protection without being too much of a bother.
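The two proposals in this thread (an extension blocklist, then a scan with a tunable hit threshold) can be combined as in the following added example, which is not the bot's actual implementation. The function names, the blocklist contents beyond `.exe` and `.app`, and the sample inputs are assumptions; `scan_stats` is assumed to be shaped like the `last_analysis_stats` object of a VirusTotal v3 file report.

```python
# Added example: extension blocklist plus a tunable scan threshold.
# Assumption: only .exe and .app are named in the thread; extend as needed.
BLOCKED_EXTENSIONS = {".exe", ".app"}


def blocked_extension(filename):
    """Return the blocked extension of filename, or None if it is allowed."""
    # Win32 path handling drops trailing dots and spaces, so "tool.exe. "
    # still ends up as an .exe; normalise before comparing.
    name = filename.strip().rstrip(". ").casefold()
    _, dot, ext = name.rpartition(".")
    suffix = dot + ext if dot else ""
    return suffix if suffix in BLOCKED_EXTENSIONS else None


def moderate(filename, scan_stats=None, max_hits=0):
    """Decide what to do with one attachment.

    scan_stats: dict of per-verdict engine counts, or None when no scan
    result is available. max_hits is the tunable threshold; 0 means
    "block anything that has a hit".
    """
    ext = blocked_extension(filename)
    if ext is not None:
        return "delete", f"{ext} uploads are removed; please share the source instead"
    if scan_stats is not None:
        hits = scan_stats.get("malicious", 0)
        if hits > max_hits:
            # A renamed executable passes the extension check and is caught here.
            return "delete_and_alert", f"{hits} engines flagged {filename!r}"
    return "allow", ""


# Constructed sample inputs (not real scan results).
SAMPLES = [
    ("Setup.EXE", None),
    ("invoice.pdf.exe. ", None),
    ("something.txt", {"malicious": 7, "undetected": 60}),
    ("game.zip", {"malicious": 1, "undetected": 66}),
    ("notes.txt", {"malicious": 0, "undetected": 67}),
]

if __name__ == "__main__":
    for name, stats in SAMPLES:
        print(name, moderate(name, stats), moderate(name, stats, max_hits=2))
```

Raising `max_hits` trades false positives for missed detections, so the `game.zip` sample is deleted at the strict default and allowed at `max_hits=2`.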

lemonsaurus commented 4 years ago

This has been implemented.