|
Guvn0r (OP)
|
 |
May 20, 2019, 06:32:31 PM |
|
New electrum version detected as Trojan by Bitdefender (Self explanatory) I was on 3.3.4 and was trying to upgrade to 3.3.6 which showed up on my wallet  |
|
|
|
|
|
|
|
|
|
|
|
"There should not be any signed int. If you've found a signed int
somewhere, please tell me (within the next 25 years please) and I'll
change it to unsigned int." -- Satoshi
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
BitcoinGirl.Club
Legendary
 Offline
Activity: 2772
Merit: 2713
Farewell LEO: o_e_l_e_o
|
|
May 20, 2019, 06:48:06 PM |
|
If you have verified the download before installing and if it was verified successfully then just hit the restore button. You do not have to trust Bitdefender in that case.
These anti virus are not end of the world, sometimes they are itself the virus and stupid 🙂
|
|
|
|
Bitcoin_Arena
Copper Member
Legendary
Offline
Activity: 2030
Merit: 1791
฿itcoin for all, All for ฿itcoin.
|
|
May 20, 2019, 06:54:09 PM |
|
So long as the signed signature of your upgrade is verified then there's nothing to worry about. It's nothing new with Electrum. There have been false positives in the past by different antivirus engines. Keep your eyes peeled though  |
|
|
|
hatshepsut93
Legendary
Offline
Activity: 2968
Merit: 2147
|
|
May 20, 2019, 07:34:24 PM |
|
In fact it's very common for antiviruses to detect new version of crypto clients as melware because those antiviruses simply look at executable files, and if they don't match them in their database, they mark them as malware, so it happens when a new version gets released and very few people have installed it. So there's a high probability that it's just a false positive, if you have downloaded from the official site and verified the signature of the developer, you should be fine, although to e sure try waiting a few days and see if other people report anything suspicious.
|
|
|
|
TryNinja
Legendary
Offline
Activity: 2828
Merit: 6989
|
As always... And: "Anti-virus" software uses shitty heuristics to detect malware. PyInstaller is a convenient tool to package python apps. We use PyInstaller. Malware authors use PyInstaller. Everything that uses PyInstaller is detected as malware. From: https://github.com/spesmilo/electrum/issues/4986#issuecomment-451385953 |
.
.HUGE. | | | | | | █▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
.
CASINO & SPORTSBOOK
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄█ | | |
|
|
|
Kakmakr
Legendary
Offline
Activity: 3444
Merit: 1957
Leading Crypto Sports Betting & Casino Platform
|
|
May 21, 2019, 06:13:35 AM |
|
The problem comes in with the way that some anti-virus software detect viruses or malware. Apart from detecting specific code, it also use heuristics to check for specific behaviour that looks like virus or malware activity and it warns the user, if it detects something that looks suspicious. There are some viruses out there that has not been reported or detected by their team, so these "wild" viruses are flagged by their software, if it acts like a virus or malware. The latest changes might have acted like a virus in some way, but it is not a virus.  Why would the Electrum developers deliberately add a virus to their code? |
| ..Stake.com.. | | | ▄████████████████████████████████████▄
██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄
██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████
██ ██████████ ██ ██ ██████████ ██ ▀██▀
██ ██ ██ ██████ ██ ██ ██ ██ ██
██ ██████ ██ █████ ███ ██████ ██ ████▄ ██
██ █████ ███ ████ ████ █████ ███ ████████
██ ████ ████ ██████████ ████ ████ ████▀
██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
██ ▀▀▀▀▀▀▀▀▀▀ ██
▀█████████▀ ▄████████████▄ ▀█████████▀
▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄
██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█ ▄▀▄ █▀▀█▀▄▄
█ █▀█ █ ▐ ▐▌
█ ▄██▄ █ ▌ █
█ ▄██████▄ █ ▌ ▐▌
█ ██████████ █ ▐ █
█ ▐██████████▌ █ ▐ ▐▌
█ ▀▀██████▀▀ █ ▌ █
█ ▄▄▄██▄▄▄ █ ▌▐▌
█ █▐ █
█ █▐▐▌
█ █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀ ▐█▌ ▀█▄
██ ▐█▌ ██
████▄ ▄█████▄ ▄████
████████▄███████████▄████████
███▀ █████████████ ▀███
██ ███████████ ██
▀█▄ █████████ ▄█▀
▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀
▀███████ ███████▀
▀█████▄ ▄█████▀
▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
|
davis196
|
|
May 21, 2019, 06:21:47 AM |
|
From where did you downloaded that version of Electrum?It seems that this update is really infected by a Trojan.What if Electrum is really compromised?
By the way,this forum (Bitcoin Discussion) isn't the right place to post such topic.
|
|
|
|
Herbert2020
Legendary
Offline
Activity: 1946
Merit: 1137
|
|
May 21, 2019, 06:22:59 AM |
|
as long as you trust Electrum developers and also verify that the file you downloaded was indeed released by them (in other words if you verify the signature of that file) you have nothing to worry about and you must add Electrum to your anti-virus's exclusion from scanning list. you can also report the false positive to the company to improve their detection engine.
if you don't trust Electrum developers then you have to download the source code and compile it yourself after reviewing the code to make sure there is nothing shady going on.
this is how the decentralized open source community should work.
|
Weak hands have been complaining about missing out ever since bitcoin was $1 and never buy the dip.
Whales are those who keep buying the dip.
|
|
|
|
judeafante
|
|
May 21, 2019, 07:08:17 AM |
|
I experienced that the first time but since I downloaded it on the official site and I read a lot of false positives reviews of anti virus on Electrum I proceed to install Electrum wallet to my desktop and so far so good, it's working perfectly and no issue whatsoever but I'm not storing all my coins on this wallet alone.
|
| .
SECONDLIVE | | | │ | | | | | | │ | | | ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ S T A K E L I T T L E W I N B I G ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▄▄███████▄▄▄
▄▄████████████████▄▄
██████████████████████▄
████████▀▀▀██████████████
███████▌ ▀█████████████
████████▀ ▀▀▄▄██▀▀▀██████████
███████ ▀████████
███████▄ ████████
████████▄▄ ▄████████
███████████▄▄▄▄██████████
▀█████████████████████▀
▀████████████████▀▀
██████████████████████ |
|
|
|
|
CryptoBry
|
|
May 21, 2019, 07:45:42 AM |
|
The problem comes in with the way that some anti-virus software detect viruses or malware. Apart from detecting specific code, it also use heuristics to check for specific behavior that looks like virus or malware activity and it warns the user, if it detects something that looks suspicious. There are some viruses out there that has not been reported or detected by their team, so these "wild" viruses are flagged by their software, if it acts like a virus or malware. The latest changes might have acted like a virus in some way, but it is not a virus. Why would the Electrum developers deliberately add a virus to their code? As long as one has downloaded from the real site or source, I think there is nothing to worry about it. Bitdefender is just being cautious and is just doing its assigned job. Many anti-virus are behaving this way since the update can be new to them...maybe just part of the regular security protocol. In other words, not all that can be detected as a virus, smells and looks like a virus can be virus at all. Who knows, they are just there so that Bitdefender will wake up and do its job (ok this can be an overstretch lol). |
|
|
|
|
|
Genemind
|
|
May 21, 2019, 07:55:49 AM |
|
I haven't downloaded the latest version and still waiting for reviews and updates from users. I trust electrum and I think it wouldn't be a trouble for most users.
Bitdefender is actually too active and we can't question how it could simply detect this kind of case.
|
|
|
|
|
buwaytress
Legendary
Offline
Activity: 2800
Merit: 3447
Join the world-leading crypto sportsbook NOW!
|
|
May 21, 2019, 08:01:06 AM |
|
I generally skip new updates, always lag about 2 or 3 versions, unless it's a critical one of course. Not that I don't trust new versions rightaway (if it's stable, it works, and Electrum + Tomas are about as solid as it gets) just never really get into updates until need them. By the time I DO get them though, the antiviruses seem to have gotten over their initial false positives.
As repeatedly said, you verify your electrum, you're gold... until critical bugs are found;)
|
|
|
|
|
Ailmand
|
|
May 21, 2019, 08:20:36 AM |
|
I don't actually focus on downloading the latest version of any wallets that I'm using. As long as it's working well and it meets the security measures that I need, I don't usually update it. The detection of Bitfender is quite bothering but I just hope that it wouldn't ruin the reputation of Electrum.
|
|
|
|
|
Crypto Girl
|
|
May 21, 2019, 08:24:09 AM |
|
Again, reading the title gave me little heart attack. lol! I really don't mind updating mine as well.
Seems trojan was too way active and over reacting in new versions, perhaps could be the bitdefender is the one needed an update? It seems sensitive and giving us false warning.
|
|
|
|
stompix
Legendary
Offline
Activity: 2884
Merit: 6323
Blackjack.fun
|
|
May 21, 2019, 08:51:51 AM |
|
Try to update the virus definitions for bitdifender , the trojan.generickd name is pretty self-explaining, it is pointing out that the file might be something suspicious! I remember Bitdefender hat an option for further analyze the file, just use it and it will help them tag the file in the future as safe. From where did you downloaded that version of Electrum?It seems that this update is really infected by a Trojan
Sorry but..what?  ? |
.
.BLACKJACK ♠ FUN. | | | ███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████ | | CRYPTO CASINO &
SPORTS BETTING | | │ | | │ | ▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████ | | .
|
|
|
|
serjent05
Legendary
Offline
Activity: 2842
Merit: 1255
Cashback 15%
|
|
May 21, 2019, 09:06:49 AM |
|
I did download the latest version of electrum and installed it on my system. Kaspersky did not notified me of any detection of Trojan in the new installed software, probably it is a false positive. It seems the same query is in this thread https://bitcointalk.org/index.php?topic=5144797.0 |
.
.HUGE. | | | | | | █▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
.
CASINO & SPORTSBOOK
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄█ | | |
|
|
|
1Referee
Legendary
Offline
Activity: 2170
Merit: 1427
|
|
May 21, 2019, 09:16:44 AM |
|
I don't actually focus on downloading the latest version of any wallets that I'm using. As long as it's working well and it meets the security measures that I need, I don't usually update it.
Same here. I still run Bitcoin Core 0.16.3 (latest version is 0.18.0) which contains the most important fixes dealing with the bugs in the previous versions, which means that I'm good for now. I'll upgrade to the latest version when there is a worthy enough difference to upgrade for, which isn't the case yet. Best thing is to run clients through https://www.virustotal.com/ to see how other antivirus software solutions react to it. In most cases you'll only see one or two positives, which are mostly false anyway. |
|
|
|
|
eternalgloom
Legendary
Offline
Activity: 1792
Merit: 1283
|
|
May 21, 2019, 09:26:47 AM |
|
Same thing happened with the Litecoin Electrum client, where even Windows Defender tagged it as possible malware.
I think they fixed it eventually, but it's not great advertising, that's for sure...
Was a bit of a pain to get it installed, since everything was quarantined automatically at first. After some research, I saw it was a common issue & nothing to worry about.
Did verify the signature, just to make sure.
|
|
|
|
Nadziratel
Sr. Member
Offline
Activity: 1568
Merit: 321
★777Coin.com★ Fun BTC Casino!
|
|
May 21, 2019, 09:27:52 AM |
|
I stopped using it after some news about the Electrum wallet. I haven't used it in a long time. Obviously I would recommend the same to you.
|
|
|
|
TryNinja
Legendary
Offline
Activity: 2828
Merit: 6989
|
|
May 21, 2019, 11:13:16 AM |
|
I stopped using it after some news about the Electrum wallet. I haven't used it in a long time. Obviously I would recommend the same to you.
That was fixed already and Electrum is safe to use again. Same thing happened with the Litecoin Electrum client, where even Windows Defender tagged it as possible malware.
I think they fixed it eventually, but it's not great advertising, that's for sure...
Was a bit of a pain to get it installed, since everything was quarantined automatically at first. After some research, I saw it was a common issue & nothing to worry about.
Did verify the signature, just to make sure.
There isn’t really a “fixing”, this is a problem with these antivirus. That’s the way they work (an virus can sing, so if this software can sing, it’s probably a virus as well). I don’t use any antivirus anymore because of this. Hasn’t been infected in more than 4 years.  |
.
.HUGE. | | | | | | █▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
.
CASINO & SPORTSBOOK
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄█ | | |
|
|
|
|
