Author

Topic: New electrum version detected as Trojan by Bitdefender (Read 337 times)

hero member
Activity: 3024
Merit: 614
Leading Crypto Sports Betting & Casino Platform
I stopped using Bitdefender because of the so many false positives it shows up in my applications, another antivirus is not like that in my applications, I replace it with Secureplus and Karspersky, I'm using Electrum at  first it was detected as with Trojan also but from the reviews I've read it's a false positive.
sr. member
Activity: 1428
Merit: 250
I think it's not perfect way of install some apps, you can verify it's other way not try to detect by bitdefender! I am also upgrade new version from my mobile phone and it's work fine without any problems! I think sometimes anti-virus not work properly, and if you don't feel safe then you can avoid update now and you can waiting for some days for update from users and from also app developers!
legendary
Activity: 2128
Merit: 1293
There is trouble abrewing
I was on 3.3.4 and was trying to upgrade to 3.3.6 which showed up on my wallet
The above comments have given enough answers with a lot of details but how can this happen?  Huh  Did you download the antivirus software (Bitdefender) after downloading the old wallet version "3.3.4"? If this program is already installed you will get the same error in previous versions.

Check the signature and follow the official twitter account to check for future problems.

it sometimes is because of the changes they make in the application and add or remove certain functionalities and sometimes it is because those changes are creating certain hashes in the signature of the files that resemble a virus signature which then is caught as "suspicious" by the antivirus program.
the other possibility is the upgrades in the AntiVirus itself which adds new virus signatures so it starts detecting these things as Trojan,...
sr. member
Activity: 952
Merit: 308
I don't think you need to worry about the virus if you download the wallet from the official Electrum website. Indeed, sometimes there are errors made by antivirus, my files are also often detected by viruses, but in my opinion this antivirus is too sensitive.
full member
Activity: 476
Merit: 100
I am using electrum since I entered cryptocurrency. And there's no problem with its use. I don't have any problems with it nor having some viruses occuring at its platform. Probably the only thing I don't in favor with electrum is there are a lots of scam with this platform. Not on their part but those people that are pretending to be electrum.

Just ignore your virus detector. They are complete bust, I'm telling you. They were the ones to create virus at the first place. Wink. That's why, it's good to have windows defender instead.
legendary
Activity: 2702
Merit: 4002
I was on 3.3.4 and was trying to upgrade to 3.3.6 which showed up on my wallet
The above comments have given enough answers with a lot of details but how can this happen?  Huh  Did you download the antivirus software (Bitdefender) after downloading the old wallet version "3.3.4"? If this program is already installed you will get the same error in previous versions.

Check the signature and follow the official twitter account to check for future problems.
hero member
Activity: 1414
Merit: 516
I happen also with BitDefender to alert on some wallet that is virus, but after i scan on virus total say is not a virus, you should also try to scan your electrum wallet on virus total.
legendary
Activity: 1638
Merit: 1163
Where is my ring of blades...
I generally skip new updates, always lag about 2 or 3 versions, unless it's a critical one of course. Not that I don't trust new versions rightaway (if it's stable, it works, and Electrum + Tomas are about as solid as it gets) just never really get into updates until need them. By the time I DO get them though, the antiviruses seem to have gotten over their initial false positives.

it is also worth mentioning that if you decided to not get the updates right away then you have to follow the changes closely by checking the Github link of Electrum project to first see if there hasn't been any serious security issues by looking at the commits that you are missing out on.
also if you encounter any issues you first have to upgrade and see if that fixes it or not. usually most of the bugs people report while using an older version are already fixed.
legendary
Activity: 2758
Merit: 6830
I stopped using it after some news about the Electrum wallet. I haven't used it in a long time. Obviously I would recommend the same to you.
That was fixed already and Electrum is safe to use again.

Same thing happened with the Litecoin Electrum client, where even Windows Defender tagged it as possible malware.
I think they fixed it eventually, but it's not great advertising, that's for sure...

Was a bit of a pain to get it installed, since everything was quarantined automatically at first. After some research, I saw it was a common issue & nothing to worry about.
Did verify the signature, just to make sure.
There isn’t really a “fixing”, this is a problem with these antivirus. That’s the way they work (an virus can sing, so if this software can sing, it’s probably a virus as well). I don’t use any antivirus anymore because of this. Hasn’t been infected in more than 4 years. Smiley
sr. member
Activity: 1568
Merit: 321
★777Coin.com★ Fun BTC Casino!
I stopped using it after some news about the Electrum wallet. I haven't used it in a long time. Obviously I would recommend the same to you.
legendary
Activity: 1792
Merit: 1283
Same thing happened with the Litecoin Electrum client, where even Windows Defender tagged it as possible malware.
I think they fixed it eventually, but it's not great advertising, that's for sure...

Was a bit of a pain to get it installed, since everything was quarantined automatically at first. After some research, I saw it was a common issue & nothing to worry about.
Did verify the signature, just to make sure.
legendary
Activity: 2170
Merit: 1427
I don't actually focus on downloading the latest version of any wallets that I'm using. As long as it's working well and it meets the security measures that I need, I don't usually update it.

Same here. I still run Bitcoin Core 0.16.3 (latest version is 0.18.0) which contains the most important fixes dealing with the bugs in the previous versions, which means that I'm good for now. I'll upgrade to the latest version when there is a worthy enough difference to upgrade for, which isn't the case yet.

Best thing is to run clients through https://www.virustotal.com/ to see how other antivirus software solutions react to it. In most cases you'll only see one or two positives, which are mostly false anyway.
legendary
Activity: 3052
Merit: 1281
Get $2100 deposit bonuses & 60 FS
I did download the latest version of electrum and installed it on my system. Kaspersky did not notified me of any detection of Trojan in the new installed software, probably it is a false positive.

It seems the same query is in this thread https://bitcointalksearch.org/topic/electrum-336-trojangenerickd41303315-5144797


legendary
Activity: 2912
Merit: 6403
Blackjack.fun
Try to update the virus definitions for bitdifender , the trojan.generickd name is pretty self-explaining, it is pointing out that the file might be something suspicious!

I remember Bitdefender hat an option for further analyze the file, just use it and it will help them tag the file in the future as safe.

From where did you downloaded that version of Electrum?It seems that this update is really infected by a Trojan

Sorry but..what?Huh?
sr. member
Activity: 980
Merit: 294
Again, reading the title gave me little heart attack. lol! I really don't mind updating mine as well.

Seems trojan was too way active and over reacting in new versions, perhaps could be the bitdefender is the one needed an update? It seems sensitive and giving us false warning.
hero member
Activity: 1274
Merit: 519
Coindragon.com 30% Cash Back
I don't actually focus on downloading the latest version of any wallets that I'm using. As long as it's working well and it meets the security measures that I need, I don't usually update it. The detection of Bitfender is quite bothering but I just hope that it wouldn't ruin the reputation of Electrum.
legendary
Activity: 3010
Merit: 3724
Join the world-leading crypto sportsbook NOW!
I generally skip new updates, always lag about 2 or 3 versions, unless it's a critical one of course. Not that I don't trust new versions rightaway (if it's stable, it works, and Electrum + Tomas are about as solid as it gets) just never really get into updates until need them. By the time I DO get them though, the antiviruses seem to have gotten over their initial false positives.

As repeatedly said, you verify your electrum, you're gold... until critical bugs are found;)
sr. member
Activity: 1596
Merit: 335
I haven't downloaded the latest version and still waiting for reviews and updates from users. I trust electrum and I think it wouldn't be a trouble for most users.
Bitdefender is actually too active and we can't question how it could simply detect this kind of case.
sr. member
Activity: 1008
Merit: 355
The problem comes in with the way that some anti-virus software detect viruses or malware. Apart from detecting specific code, it also use heuristics to check for specific behavior that looks like virus or malware activity and it warns the user, if it detects something that looks suspicious. There are some viruses out there that has not been reported or detected by their team, so these "wild" viruses are flagged by their software, if it acts like a virus or malware. The latest changes might have acted like a virus in some way, but it is not a virus.   Wink Why would the Electrum developers deliberately add a virus to their code?

As long as one has downloaded from the real site or source, I think there is nothing to worry about it. Bitdefender is just being cautious and is just doing its assigned job. Many anti-virus are behaving this way since the update can be new to them...maybe just part of the regular security protocol. In other words, not all that can be detected as a virus, smells and looks like a virus can be virus at all. Who knows, they are just there so that Bitdefender will wake up and do its job (ok this can be an overstretch lol).
sr. member
Activity: 2254
Merit: 258
I experienced that the first time but since I downloaded it on the official site and I read a lot of false positives reviews of anti virus on Electrum I proceed to install Electrum wallet to my desktop and so far so good, it's working perfectly and no issue whatsoever but I'm not storing all my coins on this wallet alone.
legendary
Activity: 1946
Merit: 1137
as long as you trust Electrum developers and also verify that the file you downloaded was indeed released by them (in other words if you verify the signature of that file) you have nothing to worry about and you must add Electrum to your anti-virus's exclusion from scanning list. you can also report the false positive to the company to improve their detection engine.

if you don't trust Electrum developers then you have to download the source code and compile it yourself after reviewing the code to make sure there is nothing shady going on.
this is how the decentralized open source community should work.
hero member
Activity: 3192
Merit: 939
From where did you downloaded that version of Electrum?It seems that this update is really infected by a Trojan.What if Electrum is really compromised?
By the way,this forum (Bitcoin Discussion) isn't the right place to post such topic.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
The problem comes in with the way that some anti-virus software detect viruses or malware. Apart from detecting specific code, it also use heuristics to check for specific behaviour that looks like virus or malware activity and it warns the user, if it detects something that looks suspicious.

There are some viruses out there that has not been reported or detected by their team, so these "wild" viruses are flagged by their software, if it acts like a virus or malware. The latest changes might have acted like a virus in some way, but it is not a virus.   Wink

Why would the Electrum developers deliberately add a virus to their code?
legendary
Activity: 2758
Merit: 6830
As always...

Electrum is known from having false-positives. If you downloaded from the right website, then that’s nothing.

Verify your Electrum signature by following this guide: https://bitcoinelectrum.com/how-to-verify-your-electrum-download/

If it returns valid, you are good to go.

And:
Quote
"Anti-virus" software uses shitty heuristics to detect malware. PyInstaller is a convenient tool to package python apps. We use PyInstaller. Malware authors use PyInstaller. Everything that uses PyInstaller is detected as malware.
From: https://github.com/spesmilo/electrum/issues/4986#issuecomment-451385953
legendary
Activity: 3038
Merit: 2162
In fact it's very common for antiviruses to detect new version of crypto clients as melware because those antiviruses simply look at executable files, and if they don't match them in their database, they mark them as malware, so it happens when a new version gets released and very few people have installed it. So there's a high probability that it's just a false positive, if you have downloaded from the official site and verified the signature of the developer, you should be fine, although to e sure try waiting a few days and see if other people report anything suspicious.
copper member
Activity: 2128
Merit: 1814
฿itcoin for all, All for ฿itcoin.
So long as the signed signature of your upgrade is verified then there's nothing to worry about.
It's nothing new with Electrum. There have been false positives in the past by different antivirus engines.
Keep your eyes peeled though  Grin
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o
If you have verified the download before installing and if it was verified successfully then just hit the restore button. You do not have to trust Bitdefender in that case.
These anti virus are not end of the world, sometimes they are itself the virus and stupid 🙂
sr. member
Activity: 647
Merit: 274
New electrum version detected as Trojan by Bitdefender
(Self explanatory)

I was on 3.3.4 and was trying to upgrade to 3.3.6 which showed up on my wallet


Jump to: