Glasswire 2.0 Installer Trojan Alert

asldjasldj · December 15, 2017, 11:46am

Avira alerts for a trojan contained in v2.0 installer. (TR/Crypt.ZPACK.Gen2)

https://www.virustotal.com/de/file/5c84272f568394d50c1848e1dfb6c90e7ecfe9f569089dc82503cdd6be9d847b/analysis/1513337664/

Kind of freaked me out, since glasswire is specifically for the paranoid.

Also the 2.0 release is really an untested ***. It cleared all my 1.x data and completely fucked up my computer (which was in ask to connect mode) and would get any connectivity and would not even launch the interface to disable glasswire blocking. Had to uninstall glasswire and disable my windows firewall completely in order to use my computer again Well, this is another topic tough …

Ken_GlassWire · December 15, 2017, 12:44pm

@asldjasldj

Yes, I submitted this false positive to Avira yesterday. You can do the same and maybe it will speed up the fix https://analysis.avira.com/en/submit

Ken_GlassWire · December 19, 2017, 6:19pm

The false positive has been removed. Update to your latest definitions to solve this.

asldjasldj · December 19, 2017, 9:32pm

Well considering that GW is a software for security conscious user, who are most likely to have a good reason for buying Glasswire in the first place (sensitive customer data etc.), a (false) positive antivirus alert is a big thing. In the recent past there have been numerous incidents where the (just) the webserver has been hacked and the executables were switched with crypto trojans and the likes.

However, I apologize for the outburst. That day just getting my work machine to actually work again took hours and countless retries of installing Glasswire, clearing data, all while having zero network connectivity (which might be a good thing in case of an infection) and a GUI that kept crashing after few seconds and as well as a blank interface. All of those issues were reported elsewhere, so my comment regarding the QA on v2.0 remains.

Ken_GlassWire · December 19, 2017, 9:55pm

@asldjasldj

We did QA and even beta testing in advance with several hundred users and nobody experienced the problem for some reason, but we think we know the cause and we’re rushing out an update. I apologize for the problem.

Ferdinand · December 20, 2017, 4:02am

Not quite true Ken. My brother tried to tell you about this among other issues and you shut him down.

Pumpitup · December 30, 2017, 6:05am

I installed the latest 2.0 version today and still get the Trojan notification