Electrum download riddled with virus or malware?

[krogothmanhattan]

HI,

     Just downloaded the electrum wallet and prior to installing it I sent to https://www.virustotal.com/#/file/0350701574cf817469b8ed505892c808b64250d21336806acefae21a14a8939f/detection

      Is electrum aware of this?

     And yes from there website here>>  https://electrum.org/#home

[1715517645]

1715517645

[1715517645]

1715517645

[Coolserver.host]

Weird... same for me with the new version (3.3.2)... https://www.virustotal.com/#/file/e5bf6cfcb3181c452ea8f0eaab4539a694a60c45bc6fae8fadbb9eb0ac9b44d3/detection
Positive for 7/68

[Lucius]

It is very likely false positive, some AV just detect wallet files as trojan/malware/riskware and others say it is safe to use it. There is nothing strange about it because it happened before and there were similar questions and concerns.

For extra security of that file any user can verify PGP signature by using method described here : edited/links in post from Abdussamad

However it take some time to do that, it is not one click operation, so many just avoid to check files in this way. If Electrum wallet is downloaded from official site it should be safe, but chance that hackers can hack site, and replace legit files with fake ones is always possible.

[Abdussamad]

@Lucius edit: that guide is just wrong. he's asking people to trust the site for the key id:

At the top of the download page of the Electrum website you will see a mention reading:
Sources and executables are signed by [Someone name here]
Click the link on the right of this mention. It will show you details of the PGP public key of the author, including the keyId. Copy this keyId. (for example, at the time of writing this article, it was signed by Thomas V, and its keyID is 7F9470E6).

Besides the short key id he's using there is unsafe.

My suggestion is to link people to this guide or this one instead.

[HCP]

Seems that the devs updated the PyInstaller version being used to package up Electrum and this has triggered all the shitty AV apps to declare Electrum as possible malware: https://github.com/spesmilo/electrum/issues/4986#issuecomment-451385953

[BitMaxz]

It mostly falls positive but if you feel that this is not safe you can use the low version of electrum like 3.0.6 portable version

I used this portable version because the higher version and installer of electrum shows more warning signs from VirusTotal compared to new version.

Take a look at this result for electrum portable 3.0.6 https://www.virustotal.com/#/file/c04ca855f94533b2303cc5415604585b294c45a82fb85f0647d9f336b8901cb2/detection

[jackg]

Seems that the devs updated the PyInstaller version being used to package up Electrum and this has triggered all the shitty AV apps to declare Electrum as possible malware: https://github.com/spesmilo/electrum/issues/4986#issuecomment-451385953

Symantec say it’s fine and quite a few others. I feel when doing virus scans you should get a majority or at least 20 on virustotal.

Like hcp says it’s all the crappy ones that mark it (McAfee is in that list, make of that what you will ).
They’ve labelled it with a code this time and not just genwindows like they normally do, that change to the installer must have really pissed them off.


As bitmaxz says, there’s a perk to using older versions... the tried and tested approach. I’d suggest portable or standalone executables but I’m lazy... but routinely check the update log just to be sure you’re not at risk.

[krogothmanhattan]

Thankyou all...will heed your advice..cheers

[krogothmanhattan]

Finally downloaded after turning off my Avast program. Once installed I deleted the download file and ran AVAST..NO ISSUES!

So was able to do what I was asking here>> https://bitcointalk.org/index.php?topic=5094605.msg49116576#msg49116576