[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Trojan Detected by Kaspersky in One Debian DVD

On Wed, Oct 31, 2012 at 08:17:52PM -0400, Alan Feuerbacher wrote:
> A couple of weeks ago I downloaded to my Windows 7 machine 10 DVD
> iso files for debian-6.0.6-amd64. I have not yet installed Debian to
> this machine.
> Last night Kaspersky anti-virus detected a Trojan in one of the files:
> debian-6.0.6-amd64-DVD-7.iso\pool\main\n\nepenthes\nepenthes_0.2.2-6_amd64.deb\data.tar\.\usr\share\doc\nepenthes\README.VFS
> The Trojan is called Trojan-Downloader.BAT.ftp.z
> Is this a real Trojan? If so, why would it be there? If not, what is it?

This is a false positive: There is no trojan in the file README.VFS, but what's
interesting is that the package concerned (nepenthes, as John helpfully provided
a packaging link to) is a security tool related to trojans:

"versatile tool to collect malware by emulating widespread vulnerabilities"

Reply to: