ClamXav show bitcoinxxx.dmg to be infected #2324

issue SteveBaker42 opened this issue on February 20, 2013
  1. SteveBaker42 commented at 9:45 AM on February 20, 2013: none

    Hi There,

    It may be a ClamXav anomaly, but both 0.7.2 and 0.8.0 versions of BitCoin for OSX show up as being infected with "Osx.Exploit.Iosjailbreak" virus.

    I download V0.7.2 2 days ago, and V0.8.0 this morning. Nothing else that I have ever downloaded has ever shown up any malicious content.

    I am running ClamXav V2.3.4, with engine 0.97.6/16702/Wed Feb 20 05:36:46 2013.

    Any advise or comments would be welcomed.

    Thanks, Steve Riyadh, Saudi Arabia 130220-0001

  2. gavinandresen commented at 2:30 PM on February 20, 2013: contributor

    Thanks for the report; I'll see if this is a false positive or a real problem immediately.

  3. gavinandresen commented at 2:37 PM on February 20, 2013: contributor

    Almost certainly a false-positive, but I'll do a little more research and will double-check the OSX build machines to make sure they aren't infected with anything.

    Reference: https://discussions.apple.com/thread/4786131?start=0&tstart=0

  4. gavinandresen commented at 2:53 PM on February 20, 2013: contributor

    Very odd; running ClamXAv V2.3.4 I cannot reproduce the false positive:

    ----------- SCAN SUMMARY ----------- Known viruses: 1854537 Engine version: 0.97.6 Scanned directories: 2 Scanned files: 18 Infected files: 0 Data scanned: 164.66 MB Data read: 95.93 MB (ratio 1.72:1) Time: 23.748 sec (0 m 23 s)

    No infected files were found.

    Can you open up a Terminal window and use "shasum" to check to see if the .dmg file has been modified:

     shasum bitcoin-0.8.0-osx.dmg
    2e21aba0f9a758076435f71232e7763504930d36  bitcoin-0.8.0-osx.dmg
  5. SteveBaker42 commented at 6:47 PM on February 20, 2013: none

    Hello Gavin,

    Now I feel suitably embarrassed, as I am unable to reproduce the error since quitting ClamXav Sentry and restarting it again. (it was the Sentry program that reported the virus automagically upon downloading, rather than an individual file scan - which also does not report a virus.)

    If I did not have the screen grab of the warning from Sentry, that I forwarded earlier today, I would not believe it myself.

    I am so sorry to have caused you any grief over this.

    Thanks and Regards, Steve Riyadh, Saudi Arabia

    On 20 Feb 2013, at 17:53, Gavin Andresen notifications@github.com wrote:

    Very odd; running ClamXAv V2.3.4 I cannot reproduce the false positive:

    ----------- SCAN SUMMARY ----------- Known viruses: 1854537 Engine version: 0.97.6 Scanned directories: 2 Scanned files: 18 Infected files: 0 Data scanned: 164.66 MB Data read: 95.93 MB (ratio 1.72:1) Time: 23.748 sec (0 m 23 s)

    No infected files were found.

    Can you open up a Terminal window and use "shasum" to check to see if the .dmg file has been modified:

    shasum bitcoin-0.8.0-osx.dmg 2e21aba0f9a758076435f71232e7763504930d36 bitcoin-0.8.0-osx.dmg SB: 2e21aba0f9a758076435f71232e7763504930d36 bitcoin-0.8.0-osx.dmg

    — Reply to this email directly or view it on GitHub.

  6. gavinandresen commented at 8:15 PM on February 20, 2013: contributor

    No problem, better safe than sorry.

  7. gavinandresen closed this on Feb 20, 2013
  8. DrahtBot locked this on Sep 8, 2021
Contributors
SteveBaker42gavinandresen
Labels
macOS
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-21 18:16 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me