Trojan infected Serial studio #109
Replies: 3 comments 14 replies
-
Hi Vital197! Thanks a lot for the report. I'm sorry to see that some antivirus programs detected this software as a trojan. I am not sure why this happened. And I'll take the necessary steps to fix this. I can assure you that as an open-source developer publishing my hard work with my real name, I don't have any intention of participating in this kind of activity. All builds are generated on GitHub's CI server for the following reasons:

You can check the build script for each operating system here:

The installers are automatically uploaded from GitHub's CI server to the releases page, no download or extra processing is done by me. I invite you to check the source code, the installer scripts and everything else.

Probably this is a false positive emitted by the antivirus because this software interacts with many hardware peripherals (serial, Bluetooth, network, etc.). Also, there could be the possibility that the download sources used for generating the installer (e.g. Qt, NSIS, etc.) have been compromised. I'll take a look at it later this evening. Please let me know if I can help with anything.

Finally, please only download Serial Studio from the GitHub releases page. I don't have any control or say over other software distribution websites! This includes SourceForge, which for some reason listed my software there and mirrored this repo without my permission or any kind of notification. You must be very careful while downloading open-source software from non-official distribution channels; for example, check this article about GIMP & SourceForge.
-
Update, here is the graph of the files associated with the installer that you scanned: There are two suspicious things that happen:
At first, I thought that

🚩 Important note: I also downloaded a copy from GitHub releases and uploaded it to VirusTotal. The hashes of the scanned installer and the one that I just uploaded are exactly the same.
-
Expanding the details of the

Surprisingly, expanding the installer file with the Unarchiver does not reveal the

And finally, expanding the

@joncloud I am using your GitHub Action to generate the NSIS installer for this project. Do you have any knowledge of this? Or do you know whom we should contact in order to clarify this behavior?
-
I'm writing this email to raise the attention of the community because I had trouble at the moment of installation of the product. At that moment my computer was almost completely frozen and also, I never got the program to work properly. Recently I saw many extra files in every new folder created by Processing. Among these files I saw Serial Studio and I checked this one with this website: https://www.virustotal.com/gui/home/upload. Their antivirus found some trojan Win32. exe https://www.virustotal.com/gui/file/4669b952bcd6ea7056a1603ddaa73d42adfeb2d7e4954bca095ae8b3c5143b3d. I'm sending this email to the community to raise their attention.
Also my computer began to work very slowly.
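The hash comparison described in the thread (a copy downloaded from GitHub releases versus the sample scanned on VirusTotal), as an added example that is not part of the original discussion or of the Serial Studio project: it extracts the SHA-256 from the VirusTotal URL quoted above and checks local copies against a reference digest. The function names and the file names and bytes used in `demo()` are constructed stand-ins, not real installers.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# VirusTotal report URL quoted in the thread; the last path segment is the
# SHA-256 of the file that was scanned.
VT_URL = ("https://www.virustotal.com/gui/file/"
          "4669b952bcd6ea7056a1603ddaa73d42adfeb2d7e4954bca095ae8b3c5143b3d")


def sha256_from_vt_url(url):
    """Extract the 64-hex-digit SHA-256 from a VirusTotal /gui/file/ URL."""
    m = re.search(r"/gui/file/([0-9a-fA-F]{64})(?:[/?#]|$)", url)
    if not m:
        raise ValueError("no SHA-256 found in URL")
    return m.group(1).lower()


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so a large installer is never fully in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def compare_copies(reference_sha256, paths):
    """Map each file name to True if it is byte-identical to the reference."""
    ref = reference_sha256.lower()
    return {Path(p).name: sha256_file(p) == ref for p in paths}


def demo():
    """Constructed data: two stand-in 'installers' that differ in one byte."""
    with tempfile.TemporaryDirectory() as d:
        official = Path(d) / "official.exe"   # stands in for the releases-page copy
        mirror = Path(d) / "mirror.exe"       # stands in for a third-party copy
        official.write_bytes(b"MZ" + b"\x00" * 4096)
        mirror.write_bytes(b"MZ" + b"\x00" * 4095 + b"\x01")
        reference = sha256_file(official)
        return compare_copies(reference, [official, mirror])


if __name__ == "__main__":
    print("sample scanned in the thread:", sha256_from_vt_url(VT_URL))
    print(demo())
```

A matching digest only shows that two copies are the same bytes; it says nothing about whether those bytes are clean, which is why the thread goes on to look at what the installer contains.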