-
Notifications
You must be signed in to change notification settings - Fork 81
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
JS/CoinMiner Trojan inside uBlock #698
Comments
Clean, 0/71: Do this Clam AntiVirus provide more information? Your log only shows files moved from quarantine to quarantine. Try reporting to Clam as false positive. |
Clam is known to remove uBO: https://github.com/gorhill/uBlock/wiki/Software-known-to-have-uninstalled-uBlock-Origin Probably triggered by URL from one of embedded filter lists: |
False positive as usual. |
Duplicate of gorhill/uBlock#2315 |
Yes I've done this before. My afraid is that is inside Coin Miner or this is just coincident with the same name. |
This filter list is packed inside uBO extension: https://github.com/uBlockOrigin/uAssets/blob/master/filters/resource-abuse.txt This list contains filters which match addresses of coin miners, and is used to block them. It seems ClamAV is not smart enough to understand this. |
Prerequisites
Description
[Description of the bug or feature]
A specific URL where the issue occurs
[A specific URL is MANDATORY for issue happening on a web page, even if it happens "everywhere"]
Steps to Reproduce
Expected behavior:
[What you expected to happen]
Actual behavior:
[What actually happened]
Hi,
After clean installed system I was scanning computer by Clam AntiVirus: Scanner v. 0.101.3.
This is a part what Clam found:
It looks like inside is JS/CoinMiner, which is a really Trojan Horse.
My systemdetails:
The text was updated successfully, but these errors were encountered: