search

wakatime / wakatime-cli

Command line interface used by all WakaTime text editor plugins
https://wakatime.com/plugins
BSD 3-Clause "New" or "Revised" License
296 stars 41 forks source link

WakaTime Detected as Malicious by VirusTotal #1124

Closed syedtasavour closed 3 days ago

syedtasavour commented 1 month ago

WakaTime Detected as Malicious by VirusTotal:

I have analyzed the WakaTime executable (wakatime-win32-x64.exe) using VirusTotal, and the file was flagged by 2 out of 64 security vendors. Notably, both Google and Ikarus detected the presence of malware. The specific threat identified by Ikarus is a Trojan.Win32.Pterodo, which raises concerns about the file’s integrity and safety.

Environment:

VirusTotal Scan Details:

Steps Taken:

  1. Downloaded the WakaTime executable from the official website.
  2. Ran the file through VirusTotal for security analysis.
  3. The scan revealed a true positive detection of malicious content.

Impact:

This detection suggests that the WakaTime executable may be compromised, posing a potential security risk to users. Immediate investigation and remediation are needed to protect users who might unknowingly install a malicious version of the software.

Logs and Additional Information:

If needed, I can provide further logs or details from the VirusTotal analysis for further investigation.

gandarez commented 4 days ago

Is there something we can do @alanhamlett to prevent the cli being reported as "virus"?

alanhamlett commented 3 days ago

The new release today isn't flagging anything, so upgrading should fix any warnings:

https://www.virustotal.com/gui/file/a9b62a366308f1a6b5f0e1adcf18bcd3e7238b439725793db56adfa061104b13