nopara73 (OP)
Member
 Offline
Activity: 99
Merit: 326
|
 |
January 08, 2020, 06:38:47 PM
Last edit: January 11, 2020, 01:16:20 PM by nopara73 Merited by suchmoon (7), gmaxwell (5), harding (5), ABCbits (4), DooMAD (2), DdmrDdmr (2), LFC_Bitcoin (1), LeGaulois (1), o_e_l_e_o (1), figmentofmyass (1), Heisenberg_Hunter (1) |
|
Hi guys! Recently we decided to ship Bitcoin Core with Wasabi Wallet. However this resulted in an unpleasant surprise, where numerous anti-virus companies started flagging Wasabi due to Bitcoin Core is being flagged too. We tried to contact these companies but generally they don't seem to care about it. So, the last thing we could do is call for the community to help us reporting the false positive results. You can check which anti viruses are flagging Bitcoin Core by uploading Bitcoin Core binaries https://bitcoincore.org/en/download/ to a website like VirusTotal https://www.virustotal.com/. In order to make this process smoother, we collected contact information and wrote an email template: https://bit.ly/helpbitcoinLet's anti anti-virus Bitcoin Core together  |
|
|
|
|
|
|
|
|
|
|
|
|
Once a transaction has 6 confirmations, it is extremely unlikely that an attacker without at least 50% of the network's computation power would be able to reverse it.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
shield132
|
|
January 08, 2020, 10:45:02 PM |
|
The most curious thing that I found there is that John McAfee is the founder of antivirus company McAfee LLC and at the same time this person is actively in bitcoin with his silly statements and false promises (everyone knows one of them).
I can't check right now but did McAfee determined that as a virus? If yes, then I'm more curious to see response from them on your email regarding to false positive.
|
|
|
|
Soratrade
Newbie
Offline
Activity: 6
Merit: 0
|
|
January 08, 2020, 11:07:48 PM |
|
The most curious thing that I found there is that John McAfee is the founder of antivirus company McAfee LLC and at the same time this person is actively in bitcoin with his silly statements and false promises (everyone knows one of them).
I can't check right now but did McAfee determined that as a virus? If yes, then I'm more curious to see response from them on your email regarding to false positive.
John has nothing to do with his old company anymore, he does not even like them anymore. |
|
|
|
|
BitcoinFX
Legendary
Offline
Activity: 2646
Merit: 1720
https://youtu.be/DsAVx0u9Cw4 ... Dr. WHO < KLF
|
|
January 08, 2020, 11:10:47 PM |
|
Great ongoing initiative for the community to support! ... - https://youtu.be/IP3XaAqDwZ0 |
|
|
|
bL4nkcode
Copper Member
Legendary
Offline
Activity: 2142
Merit: 1305
Limited in number. Limitless in potential.
|
|
January 08, 2020, 11:45:53 PM |
|
Most desktop wallet are detected as malware on any or all anti virus except if you manually exclude it.
And yeah, nice initiative for the community.
|
|
|
|
|
gmaxwell
Staff
Legendary
Offline
Activity: 4158
Merit: 8382
|
|
January 09, 2020, 12:47:00 AM |
|
Let's anti anti-virus Bitcoin Core together In addition to doing this, I think it would be useful to attempt to circumvent the AV... since the listing is mostly lazyness they probably won't try to actively work against some simple countermeasures. Some stuff before indicated that some were simply triggering on the string "wallet.dat" and others on some mining function function names. It would be pretty non-intrusive to mildly obfscuate them in the binary (e.g. renaming the function and just xoring wallet.dat with something or similar). That in no way replaces reports-- it compliments them. If it's been heavily reported as okay, then they'll be less likely to work around some simple countermeasures. |
|
|
|
|
Wind_FURY
Legendary
Offline
Activity: 2898
Merit: 1817
|
|
January 09, 2020, 06:25:08 AM |
|
Let's anti anti-virus Bitcoin Core together In addition to doing this, I think it would be useful to attempt to circumvent the AV... I believe it's also an opportunity for the community to encourage the use of OSS, specifically Linux. We're giving tech-corporations power over what tools we should and shouldn't run in our computers.
since the listing is mostly lazyness they probably won't try to actively work against some simple countermeasures.
But maybe it's also "something else". Tin foil hats on. |
| .SHUFFLE.COM.. | ███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████ | ███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████ | .
...Next Generation Crypto Casino... |
|
|
|
NotATether
Legendary
Offline
Activity: 1582
Merit: 6677
bitcoincleanup.com / bitmixlist.org
|
|
January 09, 2020, 03:19:46 PM |
|
Remember that the reason AV companies flag bitcoin wallets is because they can't (or maybe don't want to) tell the different between an actual wallet and a desktop cryptominer. If it did quarantine the wallet program just whitelist it, the AV won't pester you anymore.
|
.
.BLACKJACK ♠ FUN. | | | ███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████ | | CRYPTO CASINO &
SPORTS BETTING | | │ | | │ | ▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████ | | .
|
|
|
|
kzv
Legendary
Offline
Activity: 1722
Merit: 1285
OpenTrade - Open Source Cryptocurrency Exchange
|
|
January 09, 2020, 06:00:23 PM |
|
Remember that the reason AV companies flag bitcoin wallets is because they can't (or maybe don't want to) tell the different between an actual wallet and a desktop cryptominer. If it did quarantine the wallet program just whitelist it, the AV won't pester you anymore.
For this reason, a few years ago, antiviruses often flagged new versions Bitcoin Core or it forks But as I know the miner functionality is cut from source code Bitcoin Core since v.0.13 |
|
|
|
Luke-Jr
Legendary
Offline
Activity: 2576
Merit: 1186
|
|
January 10, 2020, 01:19:54 AM |
|
Remember that the reason AV companies flag bitcoin wallets is because they can't (or maybe don't want to) tell the different between an actual wallet and a desktop cryptominer. If it did quarantine the wallet program just whitelist it, the AV won't pester you anymore.
Mining software isn't malware either, though. In fact, I would suggest someone put together a list of affected projects (BFGMiner has had this problem for years) for reporting as safe... |
|
|
|
nopara73 (OP)
Member
Offline
Activity: 99
Merit: 326
|
|
January 13, 2020, 07:29:19 PM |
|
To provide some update here, the project has limited success. For example there is a tweet from coinforensics[0] with a positive response attached. Yet, I noticed a new detection emerged[1] within a 4 days time period, which is just strange. To further pursue the issue one of our software developer, Lucas Ontivero will try to tackle the antiviruses with pull requests from February 15, as it will be apparent by that time how successful the reporting campaign was. - 0 https://twitter.com/coinforensics/status/1216430197085495297) - 1 https://imgur.com/a/rGCLkph |
|
|
|
|
|
|
|
|
StonerStanley
|
|
June 10, 2020, 07:15:41 AM |
|
Just uninstall the Anti virus application that is in your computer that will solve it. I haven't been using an AV for many years because their redundant and has lots of issues such as adware, take to much memory in your ram, deletes file unknowingly and serve as a spyware to mine data.
Try Comodo Internet Security and turn off the antivirus. It's probably one of the best security software for windows. |
|
|
|
|
LFC_Bitcoin
Legendary
Offline
Activity: 3514
Merit: 9483
#1 VIP Crypto Casino
|
|
June 10, 2020, 01:00:42 PM |
|
I use my computer solely for Bitcoin Core, literally nothing else. I deactivated all anti-virus software on my computer so I obviously don’t have a problem. I can imagine it being frustrating if your AV software keeps flagging Bitcoin Core as potential malware.
Can I just advise everybody to please refrain from storing a significant amount of BTC on any device they use for everyday, regular browsing & downloading files.
I’ve seen too many horror stories here from idiots downloading movies & torrents to a computer storing a significant amount of coin, only for said movies & torrents to end up being bitcoin stealing malware.
Use your head & look after your coin.
|
|
|
|
coinforensics
Newbie
Offline
Activity: 3
Merit: 20
|
I have been monitoring Bitcoin Core versions in the past few months and reported the false positives to the AV providers.. To better track the status I created the "Bitcoin Client VirusTotal Tracker" on https://bitcoinissafe.com. It checks the false positive detection rate of Bitcoin clients every few hours via the VirusTotal API. I appreciate all feedback, improvements, changes, .. |
|
|
|
|
|
Casdinyard
|
|
August 04, 2020, 10:41:55 AM |
|
Recently we decided to ship Bitcoin Core with Wasabi Wallet. However this resulted in an unpleasant surprise, where numerous anti-virus companies started flagging Wasabi due to Bitcoin Core is being flagged too.
AFAIK BitcoinCore was flagged due to the fact that some applications uses some computer's graphic cards for mining, such as the issue of LoL back then where someone detected a mining code running in background of League of Legends. Hence, anti-virus blocks any applications that has something to do with mining cryptocurrency even the BitcoinCore itself. I'm not that tech savvy but I only see such possibility in this case. But what operating system are you using? If that would be Windows distros, then it is not that kind of unusual case as its pre-installed Windows Defender flags anything suspicious as virus, as long as it wasn't their product or an open-source product. |
| ..Stake.com.. | | | ▄████████████████████████████████████▄
██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄
██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████
██ ██████████ ██ ██ ██████████ ██ ▀██▀
██ ██ ██ ██████ ██ ██ ██ ██ ██
██ ██████ ██ █████ ███ ██████ ██ ████▄ ██
██ █████ ███ ████ ████ █████ ███ ████████
██ ████ ████ ██████████ ████ ████ ████▀
██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
██ ▀▀▀▀▀▀▀▀▀▀ ██
▀█████████▀ ▄████████████▄ ▀█████████▀
▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄
██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█ ▄▀▄ █▀▀█▀▄▄
█ █▀█ █ ▐ ▐▌
█ ▄██▄ █ ▌ █
█ ▄██████▄ █ ▌ ▐▌
█ ██████████ █ ▐ █
█ ▐██████████▌ █ ▐ ▐▌
█ ▀▀██████▀▀ █ ▌ █
█ ▄▄▄██▄▄▄ █ ▌▐▌
█ █▐ █
█ █▐▐▌
█ █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀ ▐█▌ ▀█▄
██ ▐█▌ ██
████▄ ▄█████▄ ▄████
████████▄███████████▄████████
███▀ █████████████ ▀███
██ ███████████ ██
▀█▄ █████████ ▄█▀
▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀
▀███████ ███████▀
▀█████▄ ▄█████▀
▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
coinforensics
Newbie
Offline
Activity: 3
Merit: 20
|
|
August 04, 2020, 01:11:12 PM |
|
You might want to add Electrum, since there are few people said Electrum is flagged by their antivirus.
Thanks for the feedback. Added the Windows and macOS binaries. |
|
|
|
|
|
yazher
|
|
August 04, 2020, 02:26:04 PM |
|
Sometimes I downloaded some files that automatically deleted by my anti-virus even though it's nothing to do with my security or whatever. It's fine for me because I can simply exclude the files whenever I want to use it again. But we are talking about Bitcoin core here and this is some serious matter, you know what? what if you finally synchronized all the nodes needed and when you update your anti-virus and when it finally has done, it automatically deletes the bitcoin core? because of their new updates.
|
|
|
|
|
Casdinyard
|
|
August 05, 2020, 02:38:16 AM |
|
1. Mining functionally removed from Bitcoin long time ago
2. Bitcoin Core is open-source software
Then I guess that nowadays, most anti-virus software doesn't include Bitcoin core and anything related to cryptocurrency to their whitelist, maybe due to some factors such as it can be used by some who would make their own code with it's system to have a suspicious script injected onto it, and also there are a lot of opportunities for the hackers to use anything crypto-related such as wallets to gain access to their targets. Though it was an open-source software, it's also a vulnerability as scripts can be easily added to such programs and they might make their own torrent server to be downloaded out of it. But still, a lot of AVs still hasn't whitelisted each and every programs made and updated everyday, and even some AVs is just a fraud making their own viruses and a version of past detected viruses. |
| ..Stake.com.. | | | ▄████████████████████████████████████▄
██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄
██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████
██ ██████████ ██ ██ ██████████ ██ ▀██▀
██ ██ ██ ██████ ██ ██ ██ ██ ██
██ ██████ ██ █████ ███ ██████ ██ ████▄ ██
██ █████ ███ ████ ████ █████ ███ ████████
██ ████ ████ ██████████ ████ ████ ████▀
██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
██ ▀▀▀▀▀▀▀▀▀▀ ██
▀█████████▀ ▄████████████▄ ▀█████████▀
▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄
██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█ ▄▀▄ █▀▀█▀▄▄
█ █▀█ █ ▐ ▐▌
█ ▄██▄ █ ▌ █
█ ▄██████▄ █ ▌ ▐▌
█ ██████████ █ ▐ █
█ ▐██████████▌ █ ▐ ▐▌
█ ▀▀██████▀▀ █ ▌ █
█ ▄▄▄██▄▄▄ █ ▌▐▌
█ █▐ █
█ █▐▐▌
█ █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀ ▐█▌ ▀█▄
██ ▐█▌ ██
████▄ ▄█████▄ ▄████
████████▄███████████▄████████
███▀ █████████████ ▀███
██ ███████████ ██
▀█▄ █████████ ▄█▀
▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀
▀███████ ███████▀
▀█████▄ ▄█████▀
▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
|
