this post was submitted on 09 Nov 2024
46 points (89.7% liked)

Humble Bundle

347 readers
4 users here now

Unofficial community for the Humble Bundle website!

Community logo taken from https://www.humblebundle.com/

founded 1 year ago
MODERATORS
lazycouchpotato
Mario
46
[WARNING] Virus detected in latest HumbleBundle (sh.itjust.works)
submitted 2 weeks ago by [email protected] to c/humblebundle
19 comments fedilink hide all child comments
 

I tried posting this on Reddit but the mods have to approve it and haven't yet. I'll warn you guys.

I just downloaded the HumbleBundle Programming MEGA Bundle 2024 by Packt via torrent and stored it in my NAS. That system ran a virus check and found the file pragmaticmicroserviceswithcandazure.zip had a virus Win.Packed.Pwsx-10034067-0 in it. Is this common on HumbleBundle? I would expect something like this on a cybersecurity bundle for studying viruses but not on one about microservices. This zip file is for the book Pragmatic Microservices with C# and Azure.

you are viewing a single comment's thread
view the rest of the comments
[–] slazer2au 8 points 2 weeks ago (1 children)

You said you are running linux so you are pretty safe from a windows virus. Judging by the book and the alert it likely saw some PowerShell code and got a bit concerned about PowerShell inside a pdf inside a zip, a known way to deliver malware.

I would do 2 things.

Contact humble support, it may have been reported and they can reassure you of the validity of the file. Secondly, Submit the file to virus total and see if anything else sees it as a known malware sample.

[–] [email protected] 5 points 2 weeks ago (1 children)

Hey thanks for the reply. I just discovered this virustotal website and submitted the file there. Here is the results from their scan. It looks like only ClamAV found the virus so it may be a false positive. I just got worried because I often buy books from HumbleBundle and this is the second time ClamAV quarantined a file from them.

[–] Ptsf 1 points 1 week ago

Might be worth tracking down one of the researchers submitting to the clamav software repos and forwarding them a copy of the flagged zip. If they don't dig in and find malware, they could at least improve the detection algo