search

tmate-io / tmate

Instant Terminal Sharing
https://tmate.io/
Other
5.55k stars 298 forks source link

tmate-2.4.0-static-linux-amd64.tar.xz release flagged as `Trojan:Linux/Hildegard.A!MTB`? #260

Closed chgeuer closed 2 years ago

chgeuer commented 2 years ago

It seems the most recent release is flagged as Trojan:Linux/Hildegard.A!MTB by Microsoft Defender... Can anyone confirm?

Detected: Trojan:Linux/Hildegard.A!MTB

containerfile: C:\Users\...\Downloads\tmate-2.4.0-static-linux-amd64.tar.xz

file: C:\Users\...\Downloads\tmate-2.4.0-static-linux-amd64.tar.xz->(xz)->tmate-2.4.0-static-linux-amd64/tmate

webfile: C:\Users\...\Downloads\tmate-2.4.0-static-linux-amd64.tar.xz
https://objects.githubusercontent.com/github-production-release-asset-2e65be/
10651420/8521fa80-0894-11ea-858c-2325bbcb22bb?
repo_id=10651420&
response-content-disposition=attachment%3B%20filename%3Dtmate-2.4.0-static-linux-amd64.tar.xz

Details: This program is dangerous and executes commands from an attacker.
nviennot commented 2 years ago

I would think this makes little sense as the file is coming straight out of github action builds

chgeuer commented 2 years ago

Closing this, given I'm not sure what to do about it. Just wanted to record that Defender raises this alarm.