Virus total rating as tmate as Trojan/Malware
borisovano opened this issue · comments
Are you aware of any compromised binary?
Searching the 'd2fff992e40ce18ff81b9a92fa1cb93a56fb5a82c1cc428204552d8dfa1bc04f' hash led me to:
https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/
https://digital.nhs.uk/cyber-alerts/2021/cc-3754
More likely than not, tmate is being used by the malicious executables for C2 activities -- much like 'xmrig' is used often in cryptomining attacks but that doesn't necessarily make the program itself malicious.
PS: I'm not a maintainer of the package.
OK Thanks for the response!
Q to the maintainers - do we sign the releases? I didn't see signature among the artifacts
Any note from official maintainers so I can close safely?