Version 2.19.1 is being flagged as malicious by Hybrid Analysis #1881
Comments
Correct, it undermines confidence in the AV threat business. The question is "why do 'they' keep doing it?" I may have my suspicions but this is not the time nor place to consider them.
Have you looked at how they might be mitigated? Are the reports detailed enough that one could even begin to address them? Are they just indicators of FOSS code developed on Linux (compared to Expensive code for corporate Windows environments ;-)? If you are able to eliminate even one of the indicator types, it could be a step forward! Usually it is just that the AV business folks are 'slow' at accepting new FOSS releases. That all said, on the link, the "AV Detection: Marked as Clean" is a better indicator.
Well, this report is not entirely truthful, is it? The most prominent thing that sticks out when you click on the first link is the word "CLEAN" in all caps, under a very, very green rainbow. In that light, I have to admit that I am not enthused by the alarmist wording of the report.
As to the "suspicious indicators":
The first two are required by Git Bash's Ctrl+C emulation, and the latter two, well, you know, this is Git, baby. If you don't understand how it works, don't complain about it.
@dscho Thanks for also pointing out the Green Rainbow. I'd looked right past that - Doh. Like you said, "not enthused by the alarmist wording of the report". Close?
The Hybrid Analysis website is reporting version 2.19.1 as having a threat score of 95/100 and containing 4 malicious and 19 suspicious indicators: https://www.hybrid-analysis.com/sample/5e11205840937dd4dfa4a2a7943d08da7443faa41d92ccc5dafbb4f82e724793
This is also referenced from the Virus Total report in the community section: https://www.virustotal.com/#/file/5e11205840937dd4dfa4a2a7943d08da7443faa41d92ccc5dafbb4f82e724793/community
Even if this is a false positive it still undermines user confidence.