dnet890
commented
2 years ago yes, I want to add this app to winget. But, it got flagged as a PUP. Is this false alarm?
Closed AndreyDedov closed 1 year ago
dnet890
commented
2 years ago yes, I want to add this app to winget. But, it got flagged as a PUP. Is this false alarm?
SamTwining
commented
2 years ago Antivirus software works on heuristics -- it tries to identify malware based on patterns. For reasons you could probably divine, malware sometimes distributes payloads and updates through peer to peer means.
Webtorrent Desktop is open source, so if you have any hesitations, feel free to inspect the code it runs and verify the AV categorization. Unless you have a specific accuation, please close the issue.
AndreyDedov
commented
2 years ago Antivirus software works on heuristics -- it tries to identify malware based on patterns. For reasons you could probably divine, malware sometimes distributes payloads and updates through peer to peer means.
Webtorrent Desktop is open source, so if you have any hesitations, feel free to inspect the code it runs and verify the AV categorization. Unless you have a specific accuation, please close the issue.
I still have doubts about false positives because the last release v0.24.0 is virustotal clean https://www.virustotal.com/gui/file/4e908c53f6ffdd5b4dd9a92800816f7ab1cb20669aef17eca1041b87885f71c5
SamTwining
commented
2 years ago I still have doubts about false positives because the last release v0.24.0 is virustotal clean https://www.virustotal.com/gui/file/4e908c53f6ffdd5b4dd9a92800816f7ab1cb20669aef17eca1041b87885f71c5
I'm not an active developer of this repository but I've cloned the repo and will be inspecting it -- If you have evidence of malicious code then by all means, please submit it for review. This is a popular repo with dozens of contributors, so the likelihood of something being overtly malicious within the codebase is not impossible but at least unlikely, or highly conspiratorial.
If you don't have something to present other than the false positive, please close this issue until you do.
OfficialEsco
commented
2 years ago I did some testing on a clean Virtualbox VM and i cannot find any traces of Adware, however it might be blocked by a strict host system wide DNS or it did not run because it detected a VM.
%Localappdata%\WebTorrent\app-0.24.0\WebTorrent.exe is mostly detected as PUP/PUA, however Malwarebytes blocked a connection to 213.34.163.254:50239 and 117.201.196.173:8080%Localappdata%\WebTorrent\WebTorrent.exe is detected as Adware (Fake Popups)WinGet does not manually approve False Positives, contact the AV's to get it unflagged or remove the malicious code which might have gotten implemented in version 0.24.0.
Since its 2 years since the last release, would there be any changes in a new compile?
AndreyDedov
commented
2 years ago
- 213.34.163.254:5023 *178.255.168.117:8621 https://www.abuseipdb.com/check/178.255.168.117 https://www.abuseipdb.com/check/213.34.163.254 Definitely bad ip.
github-actions[bot]
commented
1 year ago Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?
v0.24.0
Windows 10
https://www.virustotal.com/gui/file/08b97a6a4b5999bd0f0c2f0eb368eb938a16c373999b672db24ea89664d35714
Expected virus-free software lol!
NO!