Q&A Mullvad 65 contains Win32.Trojan.WisdomEyes

Joined
Jan 16, 2012
Messages
119
#1
Hi everyone, would anybody care to suggest what's going on here?

Mullvad VPN just issued the latest update, 65, and it appears to contain WisdomEyes trojan. My AV flagged it up, which never happened before. I downloaded the Win version.

Here's what VirusTotal has to say (and screenshot of same):

VirusTotal

Edit: Malwarebytes reports it can detect wisdonEyes, so possible this is a false positive?
Trojan.WisdomEyes - Malwarebytes Labs

mullvad 65.png


Trojan.WisdomEyes - Malwarebytes_ Detections.png
 
Last edited:

Opcode

Level 28
Content Creator
Joined
Aug 17, 2017
Messages
1,733
#2
Baidu and eGambit. :unsure:

I would assume it is a false positive detection since it is Baidu and eGambit and no vendors which I feel are "reliable" (unless generic detection specifically), but I've never heard of Mullvad VPN.

Could you send me the executable you scanned with for VirusTotal? I'll see if I can look into it more and get back to you. I recommend you submit the file through the submission forms to a vendor or two (such as Avira, Avast, Emsisoft or Kaspersky) and see what verdict they respond with too, since they have teams dedicated to getting through submissions 24/7 haha.

Better to be safe than sorry! (especially since VirusTotal is not the best for zero-day malware detection, so assuming it is just a FP is also a risk, but that doesn't mean it cannot just be an FP). :)
 
Joined
Jan 16, 2012
Messages
119
#4
Baidu and eGambit. :unsure:

Could you send me the executable you scanned with for VirusTotal? I'll see if I can look into it more and get back to you.
Sorry I don't know how to do that lol! Couldn't find how to send you a message with attachment? You can download the file straight from Client | Mullvad if you get a moment.

I uploaded it to Emsisoft. I'll report back their answer.

Cheers, Chigwells.