Bitcoin Forum

Bitcoin => Electrum => Topic started by: krogothmanhattan on January 08, 2019, 12:33:59 PM



Title: Electrum download riddled with virus or malware?
Post by: krogothmanhattan on January 08, 2019, 12:33:59 PM
Hi,

Just downloaded the Electrum wallet and prior to installing it I sent it to https://www.virustotal.com/#/file/0350701574cf817469b8ed505892c808b64250d21336806acefae21a14a8939f/detection

Is Electrum aware of this?

And yes, from their website here >> https://electrum.org/#home


Title: Re: Electrum download riddled with virus or malware?
Post by: Coolserver.host on January 08, 2019, 01:59:50 PM
Weird... same for me with the new version (3.3.2)... https://www.virustotal.com/#/file/e5bf6cfcb3181c452ea8f0eaab4539a694a60c45bc6fae8fadbb9eb0ac9b44d3/detection
Positive for 7/68



Title: Re: Electrum download riddled with virus or malware?
Post by: Lucius on January 08, 2019, 02:06:46 PM
It is very likely a false positive; some AVs just detect wallet files as trojan/malware/riskware and others say it is safe to use. There is nothing strange about it because it has happened before and there were similar questions and concerns.

For extra security, any user can verify the PGP signature of that file by using the method described here: edited/links in post from Abdussamad

However, it takes some time to do that; it is not a one-click operation, so many just avoid checking files this way. If the Electrum wallet is downloaded from the official site it should be safe, but the chance that hackers can hack the site and replace legit files with fake ones is always possible.


Title: Re: Electrum download riddled with virus or malware?
Post by: Abdussamad on January 08, 2019, 02:28:57 PM
@Lucius edit: that guide is just wrong. he's asking people to trust the site for the key id:

Quote
At the top of the download page of the Electrum website you will see a mention reading:
Sources and executables are signed by [Someone name here]
Click the link on the right of this mention. It will show you details of the PGP public key of the author, including the keyId. Copy this keyId. (for example, at the time of writing this article, it was signed by Thomas V, and its keyID is 7F9470E6).

Besides the short key id he's using there is unsafe (https://www.reddit.com/r/Electrum/comments/aa3l7s/how_to_check_if_your_electrum_wallet_is_legit/ecp4dx7/).

My suggestion is to link people to this guide (https://bitcoinelectrum.com/how-to-verify-your-electrum-download/) or this one (https://bitzuma.com/posts/how-to-verify-an-electrum-download-on-windows/) instead.
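An added example, not part of any post in this thread and not Electrum's own code, showing why an 8-hex short key ID cannot identify a signer: it checks `gpg --status-fd 1 --verify` output against a full pinned fingerprint. The status lines and both fingerprints are constructed placeholders that share the short ID 7F9470E6 quoted above; the sketch assumes the real pinned fingerprint is obtained from a source independent of the download page.

```python
# Constructed 40-hex fingerprints (not real keys). Both end in the short key
# ID 7F9470E6 quoted in the thread, so the short ID cannot tell them apart.
PINNED_FPR = "111122223333444455556666777788887F9470E6"
LOOKALIKE_FPR = "AAAABBBBCCCCDDDDEEEEFFFF000011117F9470E6"

def make_status(fpr):
    """Build constructed `gpg --status-fd 1 --verify` lines for a good signature."""
    return ("[GNUPG:] NEWSIG\n"
            f"[GNUPG:] GOODSIG {fpr[-16:]} Constructed Signer <signer@example.invalid>\n"
            f"[GNUPG:] VALIDSIG {fpr} 2019-01-08 1546905600 0 4 0 1 8 00 {fpr}\n")

# Constructed output for a signature that fails verification: no VALIDSIG line.
BAD_STATUS = "[GNUPG:] NEWSIG\n[GNUPG:] BADSIG 777788887F9470E6 Constructed Signer\n"

def signer_fingerprints(status):
    """Return primary-key fingerprints from the VALIDSIG lines of gpg status output."""
    fprs = []
    for line in status.splitlines():
        parts = line.split()
        if parts[:2] == ["[GNUPG:]", "VALIDSIG"] and len(parts) >= 3:
            # Field 12 is the primary key fingerprint when gpg emits it;
            # otherwise fall back to the signing key fingerprint (field 3).
            fprs.append((parts[11] if len(parts) >= 12 else parts[2]).upper())
    return fprs

def short_id_check(status, short_id):
    """Weak check: accept any valid signer whose fingerprint ends in the short ID."""
    return any(f.endswith(short_id.upper()) for f in signer_fingerprints(status))

def full_fingerprint_check(status, pinned):
    """Strong check: accept only a valid signature made by exactly the pinned key."""
    pinned = pinned.replace(" ", "").upper()
    if len(pinned) != 40:
        raise ValueError("pin the full 40-hex fingerprint, not a key ID")
    int(pinned, 16)  # raises ValueError if the pin is not hexadecimal
    return pinned in signer_fingerprints(status)

if __name__ == "__main__":
    for name, fpr in (("genuine", PINNED_FPR), ("lookalike", LOOKALIKE_FPR)):
        status = make_status(fpr)
        print(name, "short-id:", short_id_check(status, "7F9470E6"),
              "full-fpr:", full_fingerprint_check(status, PINNED_FPR))
```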


Title: Re: Electrum download riddled with virus or malware?
Post by: HCP on January 08, 2019, 08:39:12 PM
Seems that the devs updated the PyInstaller version being used to package up Electrum and this has triggered all the shitty AV apps to declare Electrum as possible malware: https://github.com/spesmilo/electrum/issues/4986#issuecomment-451385953



Title: Re: Electrum download riddled with virus or malware?
Post by: BitMaxz on January 08, 2019, 09:22:31 PM
It is mostly a false positive, but if you feel that this is not safe you can use a lower version of Electrum, like the 3.0.6 portable version.

I used this portable version because the higher version and installer of Electrum show more warning signs from VirusTotal compared to new version.

Take a look at this result for Electrum portable 3.0.6: https://www.virustotal.com/#/file/c04ca855f94533b2303cc5415604585b294c45a82fb85f0647d9f336b8901cb2/detection



Title: Re: Electrum download riddled with virus or malware?
Post by: jackg on January 09, 2019, 01:38:38 AM
Quote
Seems that the devs updated the PyInstaller version being used to package up Electrum and this has triggered all the shitty AV apps to declare Electrum as possible malware: https://github.com/spesmilo/electrum/issues/4986#issuecomment-451385953

Symantec say it’s fine and quite a few others. I feel when doing virus scans you should get a majority or at least 20 on virustotal.

Like hcp says it’s all the crappy ones that mark it (McAfee is in that list, make of that what you will ;D).
They’ve labelled it with a code this time and not just genwindows like they normally do, that change to the installer must have really pissed them off. ;D



As bitmaxz says, there’s a perk to using older versions... the tried and tested approach. I’d suggest portable or standalone executables but I’m lazy... but routinely check the update log just to be sure you’re not at risk.


Title: Re: Electrum download riddled with virus or malware?
Post by: krogothmanhattan on January 09, 2019, 02:02:41 AM
Thank you all... will heed your advice.. cheers


Title: Re: Electrum download riddled with virus or malware?
Post by: krogothmanhattan on January 12, 2019, 01:54:45 PM
Finally downloaded after turning off my Avast program. Once installed I deleted the download file and ran AVAST..NO ISSUES!

So was able to do what I was asking here>> https://bitcointalk.org/index.php?topic=5094605.msg49116576#msg49116576