Nightly Build reported as a virus by Google AV

Question

Nightly Build reported as a virus by Google AV

mensfeld opened this issue 2 years ago · 6 comments

Hey, this is probably an issue in the reporting but I wanted to give you a heads-up:

google-closure-compiler-windows - 20220926.0.0-nightly from NPM is reported as malicious by Google itself based on VirusTotal and recently updated Clamdscan signatures:

https://www.virustotal.com/gui/file/f2240b4e123fce798697e7a514fde2e0d1382d4612514cbcd25683af856ac791/detection

Raising this issue since it's Google complaining on Google

Answer 1 · 2022-09-26T16:02:04.000Z

Interesting - this could be fun to track down.

Answer 2 · 2022-09-27T04:59:54.000Z

Thanks for reporting.
This is pretty black box to me. I do not have prior experience with this website or the security scanning service provided by google.
Is there more information on the service, or an escalation path provided for such cases?

Answer 3 · 2022-09-27T10:35:09.000Z

@gunan I have no idea how that works. The only thing I know is that virustotal is owned by google.

Answer 4 · 2022-09-28T17:06:38.000Z

Just as an update, we're fairly certain this is a false positive, but to date none of us have found a way to report or address the issue with Virus Total.

Answer 5 · 2022-09-29T08:46:42.000Z

@ChadKillingsworth had the same problem. Really hard to figure out how to reach them about a particular issue...

Answer 6 · 2022-11-17T12:57:27.000Z

Since we apparently have no way to report this as a false positive or really take any action on it, I'm closing this issue.