{"id":20668,"date":"2018-02-22T15:22:51","date_gmt":"2018-02-22T20:22:51","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=20668"},"modified":"2024-09-09T15:37:30","modified_gmt":"2024-09-09T19:37:30","slug":"avast-anti-virus-false-positives-for-apps-that-use-swift","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2018\/02\/22\/avast-anti-virus-false-positives-for-apps-that-use-swift\/","title":{"rendered":"Avast Antivirus False Positives for Apps That Use Swift"},"content":{"rendered":"<p><a href=\"https:\/\/discussions.agilebits.com\/discussion\/86860\/avg-quarantined-1password-libswiftdispatch-dylib\">fed_h<\/a>:<\/p>\n<blockquote cite=\"https:\/\/discussions.agilebits.com\/discussion\/86860\/avg-quarantined-1password-libswiftdispatch-dylib\"><p>AVG Anti-virus quarantined two files today. Both were instances of libswiftDispatch.dylib from the Applications\/1Password.app. AVG says they are MacOS:BitCoinMiner-AS[Trj].<\/p><\/blockquote>\n\n<p><a href=\"https:\/\/forum.avast.com\/index.php?topic=216164.msg1449623#msg1449623\">vol24pl<\/a>:<\/p>\n<blockquote cite=\"https:\/\/forum.avast.com\/index.php?topic=216164.msg1449623#msg1449623\"><p>Suddenly one of Swift&rsquo;s standard library files is considered a bitcoin miner.<\/p><\/blockquote>\n\n<p><a href=\"https:\/\/twitter.com\/dnanian\/status\/966461344609267713\">Dave Nanian<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/dnanian\/status\/966461344609267713\">\n<p>Avast is finding a false-positive bitcoin mining trojan in libswiftDispatch.dylib. If it quarantines the file, you will break many applications, including SuperDuper.<\/p>\n<p>There is NO Trojan in our app (or the others it&rsquo;s flagging)&#8230;<\/p>\n<\/blockquote>\n\n<p><a href=\"https:\/\/eclecticlight.co\/2018\/02\/22\/avast-and-avg-anti-virus-are-returning-false-positives\/\">Howard Oakley<\/a>:<\/p>\n<blockquote cite=\"https:\/\/eclecticlight.co\/2018\/02\/22\/avast-and-avg-anti-virus-are-returning-false-positives\/\">\n<p>The Avast and AVG detection libraries should be updated very shortly to address this error.<\/p>\n<\/blockquote>\n\n<p>Update (2018-02-22): <a href=\"https:\/\/twitter.com\/dnanian\/status\/966790697704673281\">Dave Nanian<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/dnanian\/status\/966790697704673281\">\n<p>One last follow-up regarding Avast&rsquo;s really dumb mistake. They actually flagged THEMSELVES!<\/p>\n<p>What this seriously shows is that they don&rsquo;t really test on the Mac. AV apps are really focused on Windows.<\/p>\n<\/blockquote>\n\n<p id=\"avast-anti-virus-false-positives-for-apps-that-use-swift-update-2024-09-09\">Update (2024-09-09): I am now hearing that Intego VirusBarrier is reporting apps that bundle <tt>libswiftCore.dylib<\/tt> as false positives.<\/p>\n\n<p><a href=\"https:\/\/x.com\/howardnoakley\/status\/1833168480671089059\">Howard Oakley<\/a>:<\/p>\n<blockquote cite=\"https:\/\/x.com\/howardnoakley\/status\/1833168480671089059\">\n<p>I confirm those idiotic false positives on libswiftCore.dylib. Such dumb detection routines.<\/p>\n<\/blockquote>","protected":false},"excerpt":{"rendered":"<p>fed_h: AVG Anti-virus quarantined two files today. Both were instances of libswiftDispatch.dylib from the Applications\/1Password.app. AVG says they are MacOS:BitCoinMiner-AS[Trj]. vol24pl: Suddenly one of Swift&rsquo;s standard library files is considered a bitcoin miner. Dave Nanian: Avast is finding a false-positive bitcoin mining trojan in libswiftDispatch.dylib. If it quarantines the file, you will break many applications, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2024-02-26T20:36:58Z","apple_news_api_id":"e816f95a-45ab-4d46-85c1-1cdb820a01f1","apple_news_api_modified_at":"2024-09-09T19:37:33Z","apple_news_api_revision":"AAAAAAAAAAAAAAAAAAAAAw==","apple_news_api_share_url":"https:\/\/apple.news\/A6Bb5WkWrTUaFwRzbggoB8Q","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[1633,914,131,2127,30,1529,504,901,2647],"class_list":["post-20668","post","type-post","status-publish","format-standard","hentry","category-technology","tag-avast","tag-bitcoin","tag-bug","tag-intego","tag-mac","tag-macos-10-13","tag-malware","tag-swift-programming-language","tag-virusbarrier"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/20668","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=20668"}],"version-history":[{"count":8,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/20668\/revisions"}],"predecessor-version":[{"id":44776,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/20668\/revisions\/44776"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=20668"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=20668"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=20668"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}