MUSL APK - malware detection
I just start to use Alpine so I’m not sure in which category (and in which way) I should report an issue, I would be pleased if someone points me to right direction.
My issue is not so big, it’s mostly for your info.
Yesterday I made an fresh install of Alpine Distributive on my Windows
machine with VBox.
There were no problem, I passed all steps with
The script automatically detected host for repositories. That was http://mirror.fit.cvut.cz/alpine/
When I login and made first recommended steps
#apk update then
#apk upgrade I got an issue with Musl package, the host-machine’s
antivirus simply block downloading.
I was able to update the package only through another mirror by https.
I made some experiments with different mirrors - the same result, the
antivirus detected malware. Then I downloaded the libruary directly from
no issues, archive scan and exact
ld_musl_86_64.so.1 scan didn’t show
any alarms. So looks like there is something added by package creation
process and that is not appreciated by antivirus.
I think it would be better to double check - if there isn’t trouble.
Host: Windows 10
Host-antivirus: Avast Business Pro
Antivirus message: (translate: “Connection to mirror.fit.cvut.cz was declined due to the ELF:BitCoinMiner-HP[Tr] malware detection”)
(from redmine: issue id 10074, created on 2019-03-09, closed on 2019-06-03)