Electron-builder: Trojan Alert for Win32 app-builder.exe

Same here

electron-builder 22.6.0 published. Rebuilt with a new Go version.

Same for me

Get the same issue with electron-builder 22.6.1.

are we safe?

Antonio Di Maio

Il giorno 25 mag 2020, alle ore 11:06, David Reimers notifications@github.com ha scritto:

Get the same issue with electron-builder 22.6.1.

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or unsubscribe.

Not safe

Using electron-builder 22.6.1 and was flagged by Windows Defender as:

trojan called Wacatac.C!ml

I am thinking if I should quit with electron-builder and research for
different solutions....

Il giorno lun 27 lug 2020 alle ore 17:10 Michael Wingfield <
[email protected]> ha scritto:

Using electron-builder 22.6.1 and was flagged by Windows Defender as:

trojan called Wacatac.C!ml

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/electron-userland/electron-builder/issues/4906#issuecomment-664455090,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/ADUCCFV7X4FJK2FHOLEDV53R5WKG5ANCNFSM4MSM5LHA
.

--

Ing. Antonio Di Maio

*Mobile * +48 534 861 209 | *Skype *dimaio_antonio

ul Torfowa 12/4, Cracow, Poland

www.antoniodimaio.com

This email including all attachments may include confidential information.
If you are not the intended recipient or if you received this email by
mistake, please inform immediately the sender and destroy the email. Any
review, copying or distribution of this email is strictly prohibited.

I am thinking if I should quit with electron-builder and research for different solutions.... Il giorno lun 27 lug 2020 alle ore 17:10 Michael Wingfield < [email protected]> ha scritto:
…
Using electron-builder 22.6.1 and was flagged by Windows Defender as: trojan called Wacatac.C!ml — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#4906 (comment)>, or unsubscribe https://github.com/notifications/unsubscribe-auth/ADUCCFV7X4FJK2FHOLEDV53R5WKG5ANCNFSM4MSM5LHA .
-- Ing. Antonio Di Maio *Mobile * +48 534 861 209 | *Skype *dimaio_antonio ul Torfowa 12/4, Cracow, Poland www.antoniodimaio.com
______________________________________________ This email including all attachments may include confidential information. If you are not the intended recipient or if you received this email by mistake, please inform immediately the sender and destroy the email. Any review, copying or distribution of this email is strictly prohibited.

electron-packager better solution without virus :) Thousands of people developing commercial apps with Trojans because of electron-builder, Can you believe it? :D

it is false positive, see https://groups.google.com/forum/#!topic/golang-nuts/Au1FbtTZzbk

I will rebuild once again on Windows machine. Looks like MS Defender bug still not fixed.

Please try https://github.com/electron-userland/electron-builder/releases/tag/v22.8.1

To make sure that no false positive detection of virus, windows executable were built on Windows, and not on Linux.

are we safe?

It is false positive. Moreover, binaries were build on a clean Linux VM. The same applies for a new Windows binaries — clean Windows VM.

Issue still reproducing for us: https://www.virustotal.com/gui/file/408084d02216b51b0869813ac637d5d32383a5b9684b22591702c82eee5ab342/detection
Config that we use:

nsis:
  perMachine: true
  createDesktopShortcut: false
  createStartMenuShortcut: true
  unicode: true
  runAfterFinish: true
  oneClick: true

Its not related to our application specific code as its reproducing when building with prepackaged flag that points to a directory that has only one file in it: elevate.exe.
When elevate.exe removed or perMachine set to false or oneClick set to true, trojan warning goes away.
Tried with electron-builder v22.9.1, v22.8.1, v22.8.0, v22.6.0.