system
March 13, 2014, 4:51pm
1
Hello, I’m the developer for a legitimate app in the Mac AppStore called Bitcoin Ticker - To the Moon! https://itunes.apple.com/us/app/bitcoin-ticker-to-the-moon!/id731453251?mt=12 . A couple months ago my app was hijacked along with some other legitimate apps, and were uploaded as a trojan to popular third party websites such as Download.com and MacUpdate.com . The details can be found here http://www.reddit.com/r/Bitcoin/comments/1xnm1v/os_x_users_beware_downloadcom_and_macupdatecom/ . The actual Mac AppStore version has always been clean since only I can code sign and upload it to the Mac AppStore.
In the last update I added some security features incase the app was ever modified again by a third party. If the app has been tampered with it will show a warning message and then disable itself http://cl.ly/image/3c2Q0W3Y1M1C . How can I go about removing my app as a false-positive? I’ve already sent a false-positive report a couple weeks ago with no reply. Here is a screenshot of the false-positive http://cl.ly/image/1X280Y3i2G2z .
Can you upload the detected file to virustotal.com and post a link to the scan results here?
system
March 13, 2014, 5:35pm
3
Send the file in an password protected archive to virus@avast.com Subject:false positive
Dont forget to tell them the password.
system
March 13, 2014, 6:33pm
5
Thanks, I sent it. Do you know what the usual turn around time is?
Theyre pretty quick on flse positives but it depends on virus lab load. Theyre processing 350000-450000 files a day.
Usually it should be fixed within a few days. maybe a bit longer cause its a Mac Software.
system
April 6, 2014, 6:09pm
7
Hi guys, it’s been almost a month and my app still hits as a false-positive. Can some one from avast please tell my why?
Milos
April 7, 2014, 11:54am
8
Hello,
detection was fixed on 14th March 2014.
Milos
system
April 7, 2014, 3:32pm
9
When I try to download the app from the Mac App Store it is still blocked. Here is a screen recording. I was running the current virus definitions. https://dl.dropboxusercontent.com/u/17346600/AvastBitcoinTTM.mov
files have different hash
We need that samples to analyze.
Send the sample to virus@avast.com with “False positive” in subject.
system
April 9, 2014, 1:39pm
11
Ok thanks I resent. I sent an encrypted version of the complete .app this time.
system
April 15, 2014, 3:10pm
12
Any update? The app still hits as a false positive. Can someone from avast please help me resolve this?
I haven’t seen the newly sent sample.
Post VT(virus total) link of the detected file (previous one was already fixed).
submit again
https://www.virustotal.com/
system
April 16, 2014, 3:13pm
14
I took a closer look and it seems the temp pkg file was hitting as a false positive when trying to download the app. It seems to be fixed now though. No more false-positive hits! Thanks for your help
was fixed in VPS 140416-1 update
at apologize for the delay in resolving problems are several that I forget
you’re be welcome