when starting the magi wallet, it uses an online service to check your IP + nationality.
Trojans most likely use the same service and thus this part got added to anti-virus software as being "suspicious".
some anti-virus tools will not take anything else into consideration and will just block the whole thing.
Sadly this is really a trojan
i've tried multiple altcoins forked from similar bitcoin version and they dont express same behaviour in virustotal
did you use the magi wallet that is on the first post? i suggest you download the compiled one from there if you didn't.
edit:
i just checked the sha256 hash of the wallet i use, it's the same as yours. strange.
You mean you don't have that issue deztroyr1?
I don't receive a message from virusscanner.
AV cries about the IP check that is built in. apart of that it works fine. just now i checked for suspicious connections but all seems fine.
dunno what 62.210.131.147:6667 does. other coins connect to this ip as well.
i don't think there's a trojan. obfuscated code might be flipping out virustotal
Thanks for the fast reply. So its all ok. Good thing!
well I've checked a bit deeper now to see what 62.210.131.147:6667 does.
your magi wallet will actually connect to an IRC server and join channels.
Internet Relay Chat........
....... Trailer: End of /WHO list.
some anti-virus software detect an IRC bot. The above code proves that the magi wallet in fact contains an IRC bot. this does not mean that this is dangerous for you. but obviously your computer could be used for automated illegal activities.
someone better come up with a good reason for this IRC bot.
Antivirus definition updates from many a/v vendors today are flagging several wallets and miners as trojans or malware and all sorts of different names - technically this is correct and always has been because this code "can" be used maliciously but for those of us who have been doing this for a while, we call it a false flag detection.
We (I) could be wrong and there could be some nasty code there that we've missed but as of now I don't see that happening. Unfortunately, the bright bold warning from many a/v programs is enough to deter the majority of users and rightfully so.
The IRC code in many wallets does introduce vulnerabilities to the system and can be used maliciously, I believe this was a tool for discovering nodes, peers, and IP's - the problem with that is that it works both ways and you are no longer incognito because your IP is also discoverable. It's more complicated than that but that is enough to be flagged right there.
Some coin devs have been making wallets without the IRC code in order to not get flagged by a/v software as being malicious, maybe Joe can create a separate wallet for us without that code? I'm not a dev so I have no idea what is involved in this but I have seen other devs do this in a matter of a day or two and going forward I think this would be a smart move - security and safety first!
In the meantime, I'm using the wallet without issue but I do not allow it to run 24/7.
(Virkol)
