Nightly Build reported as a virus by Google AV

Question

Nightly Build reported as a virus by Google AV

mensfeld opened this issue 2 years ago · comments

Hey, this is probably an issue in the reporting but I wanted to give you a heads-up:

google-closure-compiler-windows - 20220926.0.0-nightly from NPM is reported as malicious by Google itself based on VirusTotal and recently updated Clamdscan signatures:

https://www.virustotal.com/gui/file/f2240b4e123fce798697e7a514fde2e0d1382d4612514cbcd25683af856ac791/detection

Raising this issue since it's Google complaining on Google

Chad Killingsworth · Answer 1 · Tue Sep 27 2022 00:02:04 GMT+0800 (China Standard Time)

Interesting - this could be fun to track down.

Gunhan Gulsoy · Answer 2 · Tue Sep 27 2022 12:59:54 GMT+0800 (China Standard Time)

Thanks for reporting.
This is pretty black box to me. I do not have prior experience with this website or the security scanning service provided by google.
Is there more information on the service, or an escalation path provided for such cases?

Maciej Mensfeld · Answer 3 · Tue Sep 27 2022 18:35:09 GMT+0800 (China Standard Time)

@gunan I have no idea how that works. The only thing I know is that virustotal is owned by google.

Chad Killingsworth · Answer 4 · Thu Sep 29 2022 01:06:38 GMT+0800 (China Standard Time)

Just as an update, we're fairly certain this is a false positive, but to date none of us have found a way to report or address the issue with Virus Total.

Maciej Mensfeld · Answer 5 · Thu Sep 29 2022 16:46:42 GMT+0800 (China Standard Time)

@ChadKillingsworth had the same problem. Really hard to figure out how to reach them about a particular issue...

Chad Killingsworth · Answer 6 · Thu Nov 17 2022 20:57:27 GMT+0800 (China Standard Time)

Since we apparently have no way to report this as a false positive or really take any action on it, I'm closing this issue.