Title: Electrum 3.0.3 malware Atc4.Detection
Post by: F8N00 on January 03, 2018, 06:32:51 PM

I have Bitdefender installed on my Windows and when I try to open Electrum my antivirus moves it to quarantine. I uploaded it to VirusTotal https://www.virustotal.com/#/file/f030699fe93e38d882c0734664207000756a32d0606ed714473f2f29e8156a31/detection and it's flagged by 6 other antivirus programs but not by Bitdefender (very weird). I have Bitdefender and Malwarebytes installed on my PC.
Any idea what I should do?

Title: Re: Electrum 3.0.3 malware Atc4.Detection
Post by: TryNinja on January 03, 2018, 07:00:12 PM

That's very likely just a false-positive. I downloaded the file from the website, scanned and got the same result.
Just make sure to download the file from electrum.org (http://electrum.org) (which is the ONLY official website) and you will be fine.

Title: Re: Electrum 3.0.3 malware Atc4.Detection
Post by: pooya87 on January 04, 2018, 05:04:53 AM

> That's very likely just a false-positive. I downloaded the file from the website, scanned and got the same result.
> Just make sure to download the file from electrum.org (http://electrum.org) (which is the ONLY official website) and you will be fine.

Downloading from the original (real) website only reduces the risk of downloading a fake wallet installation file with malware. The website may have been compromised and the attacker might have placed his malware in place of the real files. Although this is highly unlikely, the chance is not 0.

The only solution is to first find the real developer's PGP pubkey: https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2BD5824B7F9470E6
Then verify the signature of the downloaded files to make sure they are real. Now you can be 100% sure.

Title: Re: Electrum 3.0.3 malware Atc4.Detection
Post by: F8N00 on January 04, 2018, 10:54:59 AM

> > That's very likely just a false-positive. I downloaded the file from the website, scanned and got the same result.
> > Just make sure to download the file from electrum.org (http://electrum.org) (which is the ONLY official website) and you will be fine.
>
> Downloading from the original (real) website only reduces the risk of downloading a fake wallet installation file with malware. The website may have been compromised and the attacker might have placed his malware in place of the real files. Although this is highly unlikely, the chance is not 0.
>
> The only solution is to first find the real developer's PGP pubkey: https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2BD5824B7F9470E6
> Then verify the signature of the downloaded files to make sure they are real. Now you can be 100% sure.

Yes, you are right. Do you know how I can do that on Windows?
I have downloaded Kleopatra but I don't know what I should do next...

Title: Re: Electrum 3.0.3 malware Atc4.Detection
Post by: bob123 on January 04, 2018, 03:09:59 PM

> Yes, you are right. Do you know how I can do that on Windows?
> I have downloaded Kleopatra but I don't know what I should do next...

Here is a small tutorial on how to verify signatures on Windows: https://www.deepdotweb.com/jolly-rogers-security-guide-for-beginners/how-to-verify-your-downloaded-files-are-authentic/

Replace the mentioned signatures with the ones for Electrum.

Current Electrum installer (Windows):
Code:
-----BEGIN PGP SIGNATURE-----

Standalone executable:
Code:
-----BEGIN PGP SIGNATURE-----

Both can be found on the official site: https://electrum.org/#download

Additionally, from the official site:
Sources and executables are signed by ThomasV (https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2BD5824B7F9470E6)
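
The signature check discussed in the thread can also be scripted. The following is an added example, not part of the thread or of Electrum: it runs gpg with machine-readable status output and accepts a download only when the signature is valid and was made by the key ID quoted above. It assumes that key is already imported into the local keyring; the function names and the sample status lines are constructed for illustration.

```python
import subprocess
import sys

# Long key ID quoted in the thread for ThomasV.
EXPECTED_KEY_ID = "2BD5824B7F9470E6"
# Status keywords after which the file must not be trusted.
FATAL = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG", "NO_PUBKEY"}

# Constructed status output: fingerprints are zero-padded placeholders.
SAMPLE_GOOD = (
    "[GNUPG:] GOODSIG 2BD5824B7F9470E6 Constructed Signer\n"
    "[GNUPG:] VALIDSIG 0000000000000000000000002BD5824B7F9470E6 2018-01-01 "
    "1514764800 0 4 0 1 8 00 0000000000000000000000002BD5824B7F9470E6\n"
)
SAMPLE_OTHER_KEY = SAMPLE_GOOD.replace("2BD5824B7F9470E6", "1111111111111111")


def check_status(status_text, expected=EXPECTED_KEY_ID):
    """Return (ok, reason) for the machine-readable output of gpg --verify."""
    signer_ok = False
    for line in status_text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0] != "[GNUPG:]":
            continue
        keyword, args = fields[1], fields[2:]
        if keyword in FATAL:
            return False, "gpg reported " + keyword
        if keyword == "VALIDSIG" and args:
            # args[0]: signing key fingerprint; args[-1]: primary key fingerprint.
            if any(a.upper().endswith(expected) for a in (args[0], args[-1])):
                signer_ok = True
            else:
                return False, "valid signature, but from unexpected key " + args[0]
    if signer_ok:
        return True, "valid signature from expected key"
    return False, "no valid signature found"


def verify_file(sig_path, file_path, gpg="gpg"):
    """Run gpg (e.g. the gpg.exe shipped with Gpg4win) and judge its status lines."""
    cmd = [gpg, "--batch", "--status-fd", "1", "--verify", sig_path, file_path]
    proc = subprocess.run(cmd, capture_output=True, text=True)
    return check_status(proc.stdout)


if __name__ == "__main__":
    ok, reason = verify_file(sys.argv[1], sys.argv[2])
    print(reason)
    sys.exit(0 if ok else 1)
```

Run it with the path of the downloaded .asc signature file first and the path of the downloaded executable second. Matching only the long key ID is weaker than comparing a full fingerprint, so set EXPECTED_KEY_ID to the full fingerprint when you have it from a trusted source.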