Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trojan:Win32/PackBackdoor ? #11815

Open
mm108 opened this issue Aug 22, 2022 · 6 comments
Open

Trojan:Win32/PackBackdoor ? #11815

mm108 opened this issue Aug 22, 2022 · 6 comments
Assignees
@rhaidiz @rhpco
Labels
Component: IDE The Arduino IDE security Security fixes / bugs / improvements Type: Bug

Comments

@mm108
Copy link

mm108 commented Aug 22, 2022
edited by per1234
Loading

I was trying to install Arduino IDE 1.8.19 and as always I ran the installer through VirusTotal. One of the Security Vendor's Analysis detects Trojan:Win32/PackBackdoor.0142b83b:

https://www.virustotal.com/gui/file/9b480a781e823f81c643a67b1a0e53ad25fceb1b2a4a90977df6916877262055

Arduino_IDE_1 8 19

I am thinking that this could mostly be a false alarm? Any thoughts?
@uttam2000

This comment was marked as abuse.

Sign in to view
@per1234
Copy link
Collaborator

per1234 commented Aug 22, 2022

Hi @mm108. Thanks for bringing this detection to our attention. I have notified Arduino's security team of your report.

@per1234 per1234 added Component: IDE The Arduino IDE security Security fixes / bugs / improvements labels Aug 22, 2022
@mm108
Copy link
Author

mm108 commented Aug 23, 2022

Hi @mm108. Thanks for bringing this detection to our attention. I have notified Arduino's security team of your report.

Thank you so much @per1234.

@ghost
Copy link

ghost commented Oct 20, 2022

When only one of the engines, especially a lesser-known one detects it, it is probably a false positive,

@jguiherdev
Copy link

Hey guys, any new about this? was a false positive finally??

@rhpco
Copy link

rhpco commented Feb 3, 2023

Hi @jguiherdev @per1234,
After internal analysis, the security team concluded it was a false positive.
We have contacted the vendor with a "false positive report" request, we hope the virustotal's engine will be updated quickly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rhaidiz rhaidiz

@rhpco rhpco

Labels
Component: IDE The Arduino IDE security Security fixes / bugs / improvements Type: Bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@rhaidiz @rhpco @per1234 @mm108 @uttam2000 @jguiherdev