I’m not a signature creator, but Reindl is on to something. Some websites have started mining crypto currency using javascript using your computer if you visit their site. It’s abusive, but not really malicious.
I’m guessing, as Reindl implied, that this signature is designed to detect such behavior. Maybe someone who is more in-the-know will chime in. In the meantime, you’re welcome to whitelist it or ignore it. Micah Snyder Software Engineer Talos Cisco Systems, Inc. On Jan 2, 2018, at 1:19 PM, Reindl Harald <[email protected]<mailto:[email protected]>> wrote: Am 02.01.2018 um 18:40 schrieb lejeczek: new to the list I'm, hi everyone. I'd like to ask if your minder, if you mine crypto conins that is, often pop up in clamav? I have this one: https://github.com/sammy007/cpuminer-multi and it gets flagged as: ./cpuminer-multi/minerd: Unix.Tool.Minerd-6404314-0 FOUND Would someone know something more about that code and why clamav sees it as .. right, as what exactly? didn't you notice that the newest shit is trying to abuse other computers for mine crypto coins even on websites with javascript? _______________________________________________ clamav-users mailing list [email protected]<mailto:[email protected]> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list [email protected] http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
