This repository has been archived by the owner on Mar 23, 2023. It is now read-only.
Virus infection in Windows installer #607
Comments
We are investigating, the files have been removed for now! Thanks for reporting.
@GeorgH93 please could you send over the Windows version you have (if you still have it). Please send it on Slack - my user is @alexbarnsley
@alexbarnsley Sure. I am not in the ark workspace yet, I have requested an invite via the website and will send it to you asap. Edit: Have sent them.
@GeorgH93 can you contact me in ARK's Slack (username 'boldninja').
I'll close since the files have been updated.
alexbarnsley pushed a commit that referenced this issue Dec 3, 2018
I have just downloaded the Windows installer and I can say it is definitely infected with something.
After seeing that the file I have just downloaded did not match the checksum published on the GitHub releases page and a new download didn't fix the problem, I decided to check it in a virtual machine with a clean Windows install.
After the installation of the program, Windows informed me that something wants to install a new root certificate. I denied it and checked what is going on.
So I discovered that something has placed a proxy server in the directory:
%localappdata%\Microsoft\CLR_v2.0
While testing which sites the proxy is active for, I instantly detected that Firefox told me that the certificate for Binance is invalid.
Since you should get the right executable from GitHub, and finding this discussion with a different wrong checksum than the one the file I have downloaded had, I decided to check the GitHub API (https://api.github.com/repos/ArkEcosystem/desktop-wallet/releases/latest) for the upload date of the file, and found this:
Ubuntu:
"updated_at": "2018-06-27T13:27:40Z", "browser_download_url": "https://github.com/ArkEcosystem/desktop-wallet/releases/download/1.6.0/ArkClient-Ubuntu-1.6.0_amd64.deb"
Windows 32bit:
"updated_at": "2018-07-15T14:38:36Z", "browser_download_url": "https://github.com/ArkEcosystem/desktop-wallet/releases/download/1.6.0/ArkClient-Win32-1.6.0.exe"
Windows 64bit:
"updated_at": "2018-07-15T14:38:36Z", "browser_download_url": "https://github.com/ArkEcosystem/desktop-wallet/releases/download/1.6.0/ArkClient-Win32-1.6.0.exe"
Both Windows versions have been uploaded just one day ago, while the Ubuntu, MacOS and Linux uploads have been uploaded last month.