Board: Electrum
Topic: Re: 2 weird happening now in ELECTRUM WALLET. (calling all devs from electrum)
Post by TryNinja on 07/02/2019, 21:07:14 UTC
I received the same error on my Electrum wallet 3.3.2, but instead of downloading from the link, I went to download the new .exe installer for Windows on the electrum.org website.

As soon as I downloaded it, Windows Defender showed me an error of a trojan on the file.

Not sure what to do, if I leave the previous version I'm exposed to phishing, but if I download the new version from the electrum.org website I get a trojan warning message from Windows Defender.

Any updates on this?
Don’t worry. That’s most likely just a false positive. Electrum shows as a trojan to a few AVs out there. If you downloaded from electrum.org then you are safe. But, make sure to verify the file signatures before running it.

Here is a tutorial on how to verify the file signature: https://bitcointalk.org/index.php?topic=5105901.0

I made a post talking about this yesterday:

Lucius, yeah, just seen that thread.

ThomasV, could you, please, write here in sticky thread MD5 / SHA-1 / signature of real Electrum 3.3.3?
Just verify the signatures.

Electrum is commonly accused as a trojan by a few random AVs. But that’s just a false-positive. It happens all the time.

Here is Electrum’s “official” explanation:
Quote
"Anti-virus" software uses shitty heuristics to detect malware. PyInstaller is a convenient tool to package python apps. We use PyInstaller. Malware authors use PyInstaller. Everything that uses PyInstaller is detected as malware.
Quote
Anti-virus software have (and always had) false positives, and some of them tag Electrum as malware. This is out of our control. This does not mean that Electrum is or contains malware.

The Windows binaries are signed using the native Windows signing scheme by an entity named Electrum Technologies GmbH. They are also signed using GPG by @ecdsa (ThomasV). The GPG key fingerprint is 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6.

If you trust the developers of the project, you can verify the GPG signature, and ignore any anti-virus warnings.

If you don't trust the developers with not backdooring the binaries, you can (1) build binaries yourself; or (2) you can run from source. Some of the binaries are built reproducibly, so you can also check that those match.
More: https://github.com/spesmilo/electrum/issues/3198#issuecomment-458949319
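
The signature check recommended in the post above, as an added example that is not part of the original post or Electrum's own tooling: it accepts a download only when gpg reports a good signature and the signing key's fingerprint equals the one quoted above, rather than trusting a "Good signature" from whatever key happens to be in the keyring. It assumes ThomasV's public key is already imported into the local keyring; the function names are hypothetical and the installer and signature file names are supplied by the caller.

```shell
#!/bin/sh
# Added example: check that a GPG signature is good AND made by the expected key.
# Fingerprint as quoted in the post above (ThomasV's key).
EXPECTED_FPR="6694D8DE7BE8EE5631BED9502BD5824B7F9470E6"

# check_status FPR  (hypothetical helper)
# Reads `gpg --status-fd` lines on stdin. Succeeds only when gpg reported a
# good signature (GOODSIG) whose VALIDSIG line carries FPR, either as the
# signing key (field 3) or as the primary key (last field).
check_status() {
  awk -v fpr="$1" '
    $1 != "[GNUPG:]" { next }
    $2 == "GOODSIG"  { good = 1 }
    # Bad, unverifiable, expired or revoked: never accept.
    $2 ~ /^(BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG)$/ { bad = 1 }
    $2 == "VALIDSIG" && ($3 == fpr || $NF == fpr) { fpr_ok = 1 }
    END { exit !(good && fpr_ok && !bad) }
  '
}

# verify_installer FILE SIGNATURE  (hypothetical helper)
# Runs gpg on a detached signature and feeds its status lines to check_status.
verify_installer() {
  gpg --status-fd 1 --verify "$2" "$1" 2>/dev/null | check_status "$EXPECTED_FPR"
}

# Command-line use: sh verify.sh <installer> <installer.asc>
if [ "$#" -eq 2 ]; then
  if verify_installer "$1" "$2"; then
    echo "OK: good signature from $EXPECTED_FPR"
  else
    echo "FAIL: do not run $1" >&2
    exit 1
  fi
fi
```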