Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Bug]: Antivirus identifies threat in lizmap 3.7.13 #5129

Open
1 task
oskardabrowski opened this issue Dec 16, 2024 · 3 comments
Open
1 task

[Bug]: Antivirus identifies threat in lizmap 3.7.13 #5129

oskardabrowski opened this issue Dec 16, 2024 · 3 comments
Labels

Comments

@oskardabrowski
Copy link

What is the bug? (in English)

The antivirus identifies a threat while attempting to download Lizmap; it is likely that something within it matches an entry in the Windows virus database or other virus databases.

Steps to reproduce the issue

Just try downloading Lizmap 3.7.13 on Windows 11. If you try to open zip then it will be removed

Versions, safeguards, check summary etc

Zrzut ekranu 2024-12-16 074828

Check Lizmap plugin

  • I have done the step just before in the Lizmap QGIS desktop plugin before opening this ticket. Otherwise, my ticket is not considered valid and might get closed.

Operating system

Windows 11

Browsers

Firefox, Chrome, Microsoft Edge

Browsers version

Edge 131, Chrome 131

Relevant log output

No response

@meyerlor
Copy link

Which antivirus are you using? Scanning the ZIP file with on Virustotal gives 0 false positives:
https://www.virustotal.com/gui/file/c5b7b4ecfb6353e664fa27ddf9660c21fd1cf6336e8c98677a445ba0c2367bc3

@oskardabrowski
Copy link
Author

I'm using Windows Defender, and it identified a Trojan:Script inside a ZIP file.

Untitled

ENG Translation:
Threat Quarantined
Severity: Severe

Detected: Trojan:Script/Wacatac.B!ml
Status: Quarantined
Files quarantined are in a restricted area where they cannot harm your device. These files will be automatically deleted.

Date: 16.12.2024 08:27
Details: This program is dangerous and executes commands from an attacker.

Related items:
File: C:[redacted]\Desktop\lizmap-web-client-3.7.13.zip

https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=Trojan%3AScript%2FWacatac.B!ml&threatid=2147735503

I don't think someone intentionally added a threat to this project, but I think it's something that could be mistakenly identified as a threat. I'll try to figure out where the problem is, and for now, I'll add Lizmap to the whitelist. If I find anything, I'll contact 3Liz or create a new issue. You can close this issue if you want or I'll close it next week.

@nworr
Copy link
Contributor

nworr commented Dec 19, 2024

I downloaded the file and launched an analysis with "Windows Security" on my computer, I don't have that message (consistent with @meyerlor comment ).
In my opinion, this is a false positive.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants