Microsoft Defender Antivirus detects "Trojan:Script/Wacatac.H!ml" about materialize HOT 8 CLOSED

update: A report has been submitted to Microsoft regarding the issue. It seems like it is targeting many public repository on js-based libraries. Some has linked this repository to mention about the false-positives the new Microsoft Defender update. I'll update when it is resolved.

from materialize.

A quick update, Microsoft has resolved at their end regarding the false positives. It should reflect later on when the next update comes.

from materialize.

The problem is fixed on my side, thx for the quick reaction.
@wuda-io I don't think that you should change your release workflow based on this.

from materialize.

Hi, could you verify that you've downloaded it from github? So far, based on this reddit post, this type of trojan is being flagged and have multiple false positive. I scanned the files on VirusTotal and could confirm there's no viruses detected.

VirusTotal scanned links:
materialize-v2.0.4: https://www.virustotal.com/gui/url/7b9046e977051c9f83573d89c224a418cce1bc50cb0f428104744fd2bd8a31c1
materialize-src-v2.0.4: https://www.virustotal.com/gui/url/fcaa99a78b62c7ec8d325d72b3686961aaf3b0d4626f98124a5741d22a4de951
materialize.js (src & non-src): https://www.virustotal.com/gui/file/782e94753a0d4bca82801a457486f137a3094dc74d3c4bf9eef8c149bfba2a5c

from materialize.

I don't know any way to technically confirm it but I just repeated the process again (download from GitHub) and I get the same warning.
I also had the feeling that it was a false positive. But now I'm curious what is suddenly triggering this message.

from materialize.

I don't know any way to technically confirm it but I just repeated the process again (download from GitHub) and I get the same warning.

I also had the feeling that it was a false positive. But now I'm curious what is suddenly triggering this message.

Yeah. I wouldn't trust much from Microsoft's side of antivirus. If you have more trusted antivirus (ex. Kaspersky or even Windows's bloatware antivirus McAfee) would yield better results. From the reddit, they said VirusTotal is quite trusted. And from VirusTotal also includes scans from Microsoft. Just let the computer a while and it should resolve later.

from materialize.

Hey guys, thanks for the quick investigation.

I updated the compression library via npm during the last release 2.0.4. Can this cause the issue? From my point of view, we can leave out the process of generating zip files completely.

Should we remove the zipping, what do you think?

from materialize.

@wuda-io I don't think that you should change your release workflow based on this.

Agreed.

from materialize.