|
Title: Blockchain Virus Post by: eastjc on February 04, 2014, 06:01:02 PM I've downloaded bitcoin-qt and Armory from their official sites on different computers. Every time, within a day of having the blockchain downloaded and databases built, I suddenly have a swarm of several different trojans attached to the block chain files. Is there a security weakness in armory or qt that is allowing them in or is it something in the download file. I'm becoming concerned because I am now having to run constant virus scans on my computers and the only consistant factor is they're attaching to the database files. When I uninstall (totally) armory, the problem goes away after a boot level virus scan. Stays away for a few days. Then I try to reinstall armory and suddenly I've got virus' again.
Please check the available download file to ensure that it is not corrupted, and if you are not responsible for the blockchain, maybe there may be a way to add a scan while the blockchain is imported in casee the virus is attached to that? Title: Re: Blockchain Virus Post by: Holliday on February 04, 2014, 10:29:47 PM I'm not a computer expert, but your post sounds odd to me.
A virus attaching itself to the database files? Are you sure that your anti-virus software isn't throwing false positives? Title: Re: Blockchain Virus Post by: SOEHARTO on May 27, 2014, 05:41:16 PM i see this to in biggest website about virus blokchain makes stoned DOS computer .
just hope thats will solved and reattack later. Title: Re: Blockchain Virus Post by: jbrnt on May 27, 2014, 05:46:52 PM If your antivirus reported viruses in the blockchain sst files, most likely it is a false positve. I have been other members posting about it, and they have said that not everyone will get this alert. It depends on your antivirus software.
Title: Re: Blockchain Virus Post by: astrix on May 27, 2014, 06:22:55 PM I had ?false? positives aswell in my avast. If I'm searching on startups, it shows me potential unwanted programs. For ex. "diskspoiler" in the blockchain of the armory!
Title: Re: Blockchain Virus Post by: Swordsoffreedom on May 28, 2014, 05:59:52 AM I had ?false? positives aswell in my avast. If I'm searching on startups, it shows me potential unwanted programs. For ex. "diskspoiler" in the blockchain of the armory! Pretty sure that someone put virus signatures in the blockchain and some virusscanners read the damn things as viral That said if you downloaded it from the source there is no reason to assume your getting attacked by viruses and they are just false positives that are detected by your viruscanner Mumble Asshats http://answers.microsoft.com/en-us/protect/forum/mse-protect_updating/microsoft-security-essentials-reporting-false/0240ed8e-5a27-4843-a939-0279c8110e1c?tm=1400189799602 http://thehackernews.com/2014/05/microsoft-security-essential-found.html Epic comment though file must be less than 10 MB Sadly the first option you gave won't work: "Samples must be less than 10MB", the blockchain is at 16.6GiB right now. Title: Re: Blockchain Virus Post by: halfawake on June 02, 2014, 11:29:22 PM My virus scanner (Avast) mistook the bitcoin core program for a virus. I whitelisted it with Avast because I knew it wasn't a virus, but that may be what you are running into. Unless you downloaded the blockchain from some suspect place rather than let it sync, in which case, it's possible it is a virus.
Title: Re: Blockchain Virus Post by: roslinpl on June 02, 2014, 11:45:55 PM I've downloaded bitcoin-qt and Armory from their official sites on different computers. Every time, within a day of having the blockchain downloaded and databases built, I suddenly have a swarm of several different trojans attached to the block chain files. Is there a security weakness in armory or qt that is allowing them in or is it something in the download file. I'm becoming concerned because I am now having to run constant virus scans on my computers and the only consistant factor is they're attaching to the database files. When I uninstall (totally) armory, the problem goes away after a boot level virus scan. Stays away for a few days. Then I try to reinstall armory and suddenly I've got virus' again. Please check the available download file to ensure that it is not corrupted, and if you are not responsible for the blockchain, maybe there may be a way to add a scan while the blockchain is imported in casee the virus is attached to that? A virus attached to a blockchain -- it sound like "not possible" under Armory. Just use OFFICIAL sites to download your wallets ... Title: Re: Blockchain Virus Post by: picobit on June 03, 2014, 01:22:01 PM I have also heard about this "stoned" virus in the block chain. It looks like some prankster added the virus signature to a transaction to cause false positives. There is no way the stuff in the block chain can get executed, so you don't get real virusses this way.
Anyway, the "stoned" virus can only run on really ancient DOS machines. Title: Re: Blockchain Virus Post by: roslinpl on June 03, 2014, 02:22:06 PM I have also heard about this "stoned" virus in the block chain. It looks like some prankster added the virus signature to a transaction to cause false positives. There is no way the stuff in the block chain can get executed, so you don't get real virusses this way. Anyway, the "stoned" virus can only run on really ancient DOS machines. have you got any source of those informations? I never heard about any stoned virus attached to a blockchain. Would be nice to read something more about it. Title: Re: Blockchain Virus Post by: picobit on June 04, 2014, 08:00:25 AM Here is one mention of it. Not the one I read a few weeks ago, but essentially the same story (they all quote each other anyway).
http://www.theregister.co.uk/2014/05/18/bitcoin_user_stoned_on_virus_warnings/ Title: Re: Blockchain Virus Post by: roslinpl on June 04, 2014, 12:01:38 PM Here is one mention of it. Not the one I read a few weeks ago, but essentially the same story (they all quote each other anyway). http://www.theregister.co.uk/2014/05/18/bitcoin_user_stoned_on_virus_warnings/ Interesting indeed. Someone made a joke ... somehow :) but anyway there is no possibility to get a real virus while downloading a blockchain... No cases like that till today - and I hope it will stay like that forever. Title: Re: Blockchain Virus Post by: btcton on June 12, 2014, 04:48:37 AM I would be suspicious of your install. I use Avast! and I have never gotten any warnings for either Armory or Bitcoin-Qt. Make sure you are installing from official sites.
Title: Re: Blockchain Virus Post by: picobit on June 12, 2014, 10:17:36 AM I would be suspicious of your install. I use Avast! and I have never gotten any warnings for either Armory or Bitcoin-Qt. Make sure you are installing from official sites. It was not the install that gave the false positive, but the blockchain data. And I have only heard about Microsofts own antivirus falsely detecting it. Either avast and the other don't use exactly the same signature, or they do not scan the blockchain data files (scanning them makes no sense anyway, since they are not executed). Title: Re: Blockchain Virus Post by: goatpig on June 12, 2014, 06:50:16 PM I would be suspicious of your install. I use Avast! and I have never gotten any warnings for either Armory or Bitcoin-Qt. Make sure you are installing from official sites. It was not the install that gave the false positive, but the blockchain data. And I have only heard about Microsofts own antivirus falsely detecting it. Either avast and the other don't use exactly the same signature, or they do not scan the blockchain data files (scanning them makes no sense anyway, since they are not executed). We've received reports of other AVs flagging the blockchain or our DB copy of it over the past few months. All false positives obviously, but this isn't limited to MS' BitDefender. |