Misc. bug: Virus detected #10768
Comments
|
I tested the current file moments ago, and it did not get any hits on VirusTotal: https://www.virustotal.com/gui/url/5ee16d7fd5079993e4c7484f1efaa44dbb0ad09eecc1247462544a39ad18a178 |
it was b4297 which disappeared. I think it should be important to check this out so that there's no bad actors pushing binaries with extra features. |
|
I can still see b4297 in https://github.com/ggerganov/llama.cpp/releases/tag/b4297. All the builds are automatically generated, it is just a false positive. Seems to be a very common issue with Windows Defender. |
Sure enough it still say that this file has a trojan. But not any previous or following versions.
** EDIT ** I read online that this virus def seems to be a catch all for Defender when its "AI" scan isn't sure. Still, I wonder why this version and none of the others. |
|
https://superuser.com/questions/1829864/trojanwin32-wacatac-bml-found-in-c-extend-deleted
|
|
Alright that settles it. |
|
I just got this on windows 11. Microsoft helpfully deletes/moves the file into some kind of quarantine hell so I will just wait for the next release. |
|
I'm closing this |
|
Can you reopen this because every new version is doing the same thing. |
|
You should report this to Microsoft instead, there is not much we can do about it. |
|
Re-opened this by request |
|
b4321 worked ok. Maybe the file with the hash that was triggering Defender has changed now but it was the same for a few releases. |
|
Maybe enough people clicked on «send file for analysis» and its been added to whitelist. But ignoring false positive is bad practice, we should do as much as possible to avoid it. |
How would we do that? |
|
Triggered this with Bitdefender for me:
And:
It may very well be a false-positive. But I still felt it was sensible to post this here, just in case. |
|
I tried your file with Windows Defender and it asked to send the files to the mothership but otherwise they are accepted for me. |
|
Same problem for llama-b4338-bin-win-cuda-cu12.4-x64.zip - it gets automatically removed by built-in AV on Windows 11 (23H2 + all the updates) after the download.
No threats detected when scanning locally made binaries from b4338 tag using MSVC 2022, CUDA 12.6, and cmake commands as below: |
|
this time, its not just Windows Defender. b4387 -> VirusTotal reports this:
|
|
I also got a false-positive from Windows Defender. |
If it is accessible for you, compiling it yourself works very well and Windows Defender is very happy with the output. |
|
I also get virus warnings from latest cuda releases on Windows 11. |
|
Hi team, chrome won't even let me have the file
|
|
At this point it's probably better to stop releasing these cuda builds because we can't use them. |
|
I will not use these for sure. False positive or not. I'd like to know how is it possible for us to git pull the source code, build the project and them compile without doing any modification whatsoever to any files and get a full set of binaries that the anti-virus says are fine while binaries we download since last 30 days are almost always triggering AV. This does not compute. |
llama-b4433-bin-win-cuda-cu12.4-x64 has passed windows defender. I need to set up compilation again anyway though. |
|
latest still has the issue |
|
this has been ongoing for a while; I went ahead and submitted it to the Microsoft Security Intelligence team for review. This is obviously a false positive, so the only solution is getting Defender to resolve this. This is certainly not an issue with this repository beyond the fact some combination of bits is triggering it. |
|
their automated process flagged it. that's good news as it'll be, typically, moved forward towards being identified as a false positive
|
|
I got a Windows Defender positive on llama-b4644-bin-win-cuda-cu12.4-x64.zip on Windows 11. |
|
Ok, starting to see some progress. As of defender virus definitions 1.421.1785.0 it seems I can pull down the windows builds just fine. The submission on MS site is showing all good, but there are no notes yet from analysts. End of the day I've seen this virus pop up when I've been compiling a simple app in Visual Studio. It might come back, might not. But for now, seems to be good. |
|
I wonder why we don't get a Defender alert if we compile but we do with the binaries someone else compiled using the very same source code. |
I suspect it would need to be the exact same compiler for the file hashes to be the same. |
if you look at the results in the pic I posted, you'll notice the issue is with the actual zip, not any of the files within the zip. I honestly wouldn't be shocked if this was "fixed" if the archive command was switched to like something that changes the zip format a smidge by adding |
|
For reference, I am on Windows 10. I downloaded and scanned the above referenced llama-b4297-bin-win-cuda-cu12.4-x64.zip from December 10 with both BitDefender and Malwarebytes, and both returned clean results. Further, I started looking into the Wacatac.B!ml detection result a bit on Google, and it turns out that the specific attack this is referencing hijacks CUDA to do malicious things; however, I can see various search results going back all the way to 2022 of other projects triggering this, including people whose own self-written games got hit for it on their own machines. Below is the PR of the first build that got hit by someone's AV and reported here: https://github.com/ggerganov/llama.cpp/pull/10751/files I started scanning the builds before it because I was curious if any other builds before December 10 would also get flagged, as it makes no actual sense for THAT specific build to be the starting point. You'd think it would be a CUDA related change that would do it. This PR has absolutely nothing to do with any code I'd think would trigger a CUDA related virus warning, false or otherwise. Just to verify, I then chose another item from the above messages that users said got picked up by defender as having a virus: Finally, I scanned my entire download folder, which had both zips, using Windows Defender on Windows 10, which also came back clean. So I'm definitely inclined to believe that Windows 11's Defender, as well as some (but not all) of the AVs utilized by that online scanner folks are linking above, are misinterpreting the contents of release zip as being malicious since llamacpp also does CUDA work... but not 100% of the time. |
Theoretically that could also be interpreted as whatever tool that created the archive is compromised. |
Name and Version
llama-b4297-bin-win-cuda-cu12.4-x64.zip
Operating systems
Windows
Which llama.cpp modules do you know to be affected?
Other (Please specify in the next section)
Problem description & steps to reproduce
Windows Defender detected a Trojan:Script/Wacatac.B!ml in llama-b4297-bin-win-cuda-cu12.4-x64.zip
First Bad Commit
No response
Relevant log output
No response
The text was updated successfully, but these errors were encountered: