Blockchain Virus

[eastjc]

I've downloaded bitcoin-qt and Armory from their official sites on different computers.  Every time, within a day of having the blockchain downloaded and databases built, I suddenly have a swarm of several different trojans attached to the block chain files.  Is there a security weakness in armory or qt that is allowing them in or is it something in the download file.  I'm becoming concerned because I am now having to run constant virus scans on my computers and the only consistant factor is they're attaching to the database files.  When I uninstall (totally) armory, the problem goes away after a boot level virus scan.  Stays away for a few days.  Then I try to reinstall armory and suddenly I've got virus' again.

Please check the available download file to ensure that it is not corrupted, and if you are not responsible for the blockchain, maybe there may be a way to add a scan while the blockchain is imported in casee the virus is attached to that?

[Holliday]

I'm not a computer expert, but your post sounds odd to me.

A virus attaching itself to the database files?

Are you sure that your anti-virus software isn't throwing false positives?

[SOEHARTO]

i see this to in biggest website about virus blokchain makes stoned DOS computer .
just hope thats will solved and reattack later.

[jbrnt]

If your antivirus reported viruses in the blockchain sst files, most likely it is a false positve. I have been other members posting about it, and they have said that not everyone will get this alert. It depends on your antivirus software.

[astrix]

I had ?false? positives aswell in my avast. If I'm searching on startups, it shows me potential unwanted programs. For ex. "diskspoiler" in the blockchain of the armory!

[Swordsoffreedom]

I had ?false? positives aswell in my avast. If I'm searching on startups, it shows me potential unwanted programs. For ex. "diskspoiler" in the blockchain of the armory!

Pretty sure that someone put virus signatures in the blockchain and some virusscanners read the damn things as viral
That said if you downloaded it from the source there is no reason to assume your getting attacked by viruses and they are just false positives that are detected by your viruscanner

Mumble Asshats
http://answers.microsoft.com/en-us/protect/forum/mse-protect_updating/microsoft-security-essentials-reporting-false/0240ed8e-5a27-4843-a939-0279c8110e1c?tm=1400189799602
http://thehackernews.com/2014/05/microsoft-security-essential-found.html

Epic comment though file must be less than 10 MB

Sadly the first option you gave won't work: "Samples must be less than 10MB", the blockchain is at 16.6GiB right now.

[halfawake]

My virus scanner (Avast) mistook the bitcoin core program for a virus.  I whitelisted it with Avast because I knew it wasn't a virus, but that may be what you are running into.  Unless you downloaded the blockchain from some suspect place rather than let it sync, in which case, it's possible it is a virus.

[roslinpl]

I've downloaded bitcoin-qt and Armory from their official sites on different computers.  Every time, within a day of having the blockchain downloaded and databases built, I suddenly have a swarm of several different trojans attached to the block chain files.  Is there a security weakness in armory or qt that is allowing them in or is it something in the download file.  I'm becoming concerned because I am now having to run constant virus scans on my computers and the only consistant factor is they're attaching to the database files.  When I uninstall (totally) armory, the problem goes away after a boot level virus scan.  Stays away for a few days.  Then I try to reinstall armory and suddenly I've got virus' again.

Please check the available download file to ensure that it is not corrupted, and if you are not responsible for the blockchain, maybe there may be a way to add a scan while the blockchain is imported in casee the virus is attached to that?

A virus attached to a blockchain -- it sound like "not possible" under Armory.

Just use OFFICIAL sites to download your wallets ...

[picobit]

I have also heard about this "stoned" virus in the block chain.  It looks like some prankster added the virus signature to a transaction to cause false positives.  There is no way the stuff in the block chain can get executed, so you don't get real virusses this way.

Anyway, the "stoned" virus can only run on really ancient DOS machines.

[roslinpl]

I have also heard about this "stoned" virus in the block chain.  It looks like some prankster added the virus signature to a transaction to cause false positives.  There is no way the stuff in the block chain can get executed, so you don't get real virusses this way.

Anyway, the "stoned" virus can only run on really ancient DOS machines.

have you got any source of those informations? I never heard about any stoned virus attached to a blockchain.
Would be nice to read something more about it.

[picobit]

Here is one mention of it.  Not the one I read a few weeks ago, but essentially the same story (they all quote each other anyway).

http://www.theregister.co.uk/2014/05/18/bitcoin_user_stoned_on_virus_warnings/

[roslinpl]

Here is one mention of it.  Not the one I read a few weeks ago, but essentially the same story (they all quote each other anyway).

http://www.theregister.co.uk/2014/05/18/bitcoin_user_stoned_on_virus_warnings/

Interesting indeed. Someone made a joke ... somehow but anyway there is no possibility to get a real virus while downloading a blockchain...

No cases like that till today - and I hope it will stay like that forever.

[btcton]

I would be suspicious of your install. I use Avast! and I have never gotten any warnings for either Armory or Bitcoin-Qt. Make sure you are installing from official sites.

[picobit]

I would be suspicious of your install. I use Avast! and I have never gotten any warnings for either Armory or Bitcoin-Qt. Make sure you are installing from official sites.

It was not the install that gave the false positive, but the blockchain data.  And I have only heard about Microsofts own antivirus falsely detecting it.  Either avast and the other don't use exactly the same signature, or they do not scan the blockchain data files (scanning them makes no sense anyway, since they are not executed).

[goatpig]

I would be suspicious of your install. I use Avast! and I have never gotten any warnings for either Armory or Bitcoin-Qt. Make sure you are installing from official sites.

It was not the install that gave the false positive, but the blockchain data.  And I have only heard about Microsofts own antivirus falsely detecting it.  Either avast and the other don't use exactly the same signature, or they do not scan the blockchain data files (scanning them makes no sense anyway, since they are not executed).

We've received reports of other AVs flagging the blockchain or our DB copy of it over the past few months. All false positives obviously, but this isn't limited to MS' BitDefender.