Serious Discussion Bitdefender and others detected it but kaspersky didn't. I'm a bit concerned.

harlan4096

Super Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
9,051
Hello,

Objects detection will be included in the next update.
not-a-virus:HEUR:RiskTool.MSIL.Miner.gen
Kaspersky applications classify the specified objects as legitimate software and do not identify them as malicious.
Thank you for your help.

1742380054983.png


I know You are joking of course hehe but EK is not involved in that questions for many years ago...
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,879
The current detection (not-a-virus:HEUR:RiskTool.MSIL.Miner.gen) is probably optimal. In such cases, the detection is not related to the file content but depends on the context. The file itself is benign but it was recently abused by the attackers. The context here is the prevalence of attacks and how popular and necessary is the file.
There are well-known and much more dangerous files that are classified as safe by all AVs (Windows LOLBins are good examples).
On the contrary, when the file is used only for malicious purposes, most AVs will classify it as malicious.
In other cases (like with the file from the OP) we can see any kind of detection.
 

bazang

Level 13
Jul 3, 2024
621
The file itself is benign but it was recently abused by the attackers.
Attackers are constantly abusing the file for malicious purposes - mostly crypto jacking and other crypto related cyber crime - for a long time.

"Users that want to use stuff" should stay away from NiceHash or stay away from crypto altogether. There is no crypto loss insurance nor consumer protections in the crypto space. Terribly manipulated (by crypto whales - who are often cybercriminals and organized criminals such as narcos) and insecure ecosystem.

OP is advised to find an alternative or just get out of the crypto gambling altogether.
 

Vimaro

New Member
Mar 18, 2025
3
Hi everyone, already detected with following verdict:
1742402382823.png

Reason: Is part of mining software, cannot be detected as malware but is a RiskTool. If users & customers have set their Kaspersky products to also "detect legitimate software that can harm your data" (In Settings>>Trusted Zone), this will be automatically detected.
 

bazang

Level 13
Jul 3, 2024
621
It is best not to use products such as NiceHash that have a long history of attacker abuse of one (perhaps more) for the libraries (DLLs) that ship with it. Such a product is inherently not safe if the user is going to rely upon AV to protect their system because AV regularly fail in attacks within the crypto ecosystem. Kaspersky is unreliable just like other AV.

The risk of attacks - especially embedded, surreptitious, and FUD is much higher within the crypto ecosystem than it is within the general consumer population.

It is far safer/more secure to reduce the attack surface by not using the vulnerable software and finding an alternative way of doing it.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top