Advice Request Mullvad 65 contains Win32.Trojan.WisdomEyes

Please provide comments and solutions that are helpful to the author of this topic.
Status
Not open for further replies.
Chigwells

Chigwells

Level 4
Thread author
Jan 16, 2012
194
Hi everyone, would anybody care to suggest what's going on here?

Mullvad VPN just issued the latest update, 65, and it appears to contain WisdomEyes trojan. My AV flagged it up, which never happened before. I downloaded the Win version.

Here's what VirusTotal has to say (and screenshot of same):

VirusTotal

Edit: Malwarebytes reports it can detect wisdonEyes, so possible this is a false positive?
Trojan.WisdomEyes - Malwarebytes Labs

mullvad 65.png


Trojan.WisdomEyes - Malwarebytes_ Detections.png
 
Last edited:
  • Like
Reactions: upnorth, Rengar and Deleted member 65228
D

Deleted member 65228

Baidu and eGambit. :unsure:

I would assume it is a false positive detection since it is Baidu and eGambit and no vendors which I feel are "reliable" (unless generic detection specifically), but I've never heard of Mullvad VPN.

Could you send me the executable you scanned with for VirusTotal? I'll see if I can look into it more and get back to you. I recommend you submit the file through the submission forms to a vendor or two (such as Avira, Avast, Emsisoft or Kaspersky) and see what verdict they respond with too, since they have teams dedicated to getting through submissions 24/7 haha.

Better to be safe than sorry! (especially since VirusTotal is not the best for zero-day malware detection, so assuming it is just a FP is also a risk, but that doesn't mean it cannot just be an FP). :)
 
  • Like
Reactions: upnorth, Anker_by, harlan4096 and 2 others
Chigwells

Chigwells

Level 4
Thread author
Jan 16, 2012
194
Opcode said:
Baidu and eGambit. :unsure:

Could you send me the executable you scanned with for VirusTotal? I'll see if I can look into it more and get back to you.
Click to expand...
Sorry I don't know how to do that lol! Couldn't find how to send you a message with attachment? You can download the file straight from Client | Mullvad if you get a moment.

I uploaded it to Emsisoft. I'll report back their answer.

Cheers, Chigwells.
 
  • Like
Reactions: upnorth and Deleted member 65228
Status
Not open for further replies.

Similar threads

F
    • Like
    • +Reputation
    • Wow
DLL hijacking vulnerabilities in Nirsoft tools
Replies
22
Views
6,049
News Archive
oleg sidorenko
O
Bot
    • Like
Announcing Windows 10 Insider Preview Build 19577
Replies
0
Views
1,897
Windows 10
Bot
Bot
M
    • Like
    • Applause
    • Wow
Advice Request Kaspersky and Cloud Privacy
Replies
125
Views
31,497
Kaspersky
MacDefender
M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top