Closed osmanizbat closed 2 years ago
Thanks for bringing this to my attention. I really don't know where this is coming from. My guess is that there are viruses built/made with Go that use similar dependencies that usql
uses. For what it's worth, I build usql
releases on a VM that has nothing else installed except for the utilities needed to build usql
itself.
I am of course extremely concerned about this. I'll dig deep into the issue/cause here. If, somehow, my VM has become infected (I can't imagine how, since I don't use it for anything other than building usql
), I'll rectify the issue and publish a new binary build for Windows. In the interim, I'd suggest building from source for Windows.
I've looked into this, and I believe this is a false positive and it seems to have flagged other Go applications at times namely ngrok
and cloudflared
. I'm closing this for now, as I don't believe the binary has an actual virus/trojan.
Thanks @kenshaw, Your guess about using similar dependencies that are used in viruses makes sense. As I investigated, Windows Defender's machine learning algorithm might cause such false positives sometimes. ml suffix expresses this. By the way after I've checked the Windows Defender update today, it doesn't detect as trojan anymore.
Can confirm that building from source in an MSYS2 environment on windows has 0 virus flags on virustotal
Hi,
Windows security detects usql.exe file in usql-0.10.0-windows-amd64.zip release as "Trojan:Win32/Wacatac.D!ml" and quarantines it. Have any ideas?
OS: Windows 10 Pro, Build: 19044.1706