AXT1800 beta firmware - Virus detected?

I downloaded the beta firmware for AXT1800 and the system detected the virus
Screenshot (360)

Same issue like this one: [Solved] Flint 2 - Windows Defender detects Virus in Firmware image?

Mostly it’s an Microsoft Defender issue. All other scanners are fine with the file: VirusTotal

Wouldn’t make any sense to hide a virus inside this because you will copy this file to your router and won’t run it on your Windows system anyway.

It might be a false positive by googles filter maybe atleast if they have that along with windows defender, i got it too but it reacts on the extension name :slight_smile:

Though if it becomes a real warning i would check it more via virustotal, could be just the packing which was triggered as heuristic, but for a malicious actor build servers are always on their interest.

( i happen to experience it myself ages ago compiling java things from maven, a infection can easily happen if it downloads a remote dependency from a infected server and runs a unit script on a non provided scope ).

^ no not to scare you, and likely that is not what is going on, unless more people report it, im just on the paranoid edge and check checksums against such automated attacks :+1:


Also a AV detection is not always OS specific, it can be a certain script, or file or packing, ive seen it happen on even php files or js script with code to try to hide the body code (also known as bron-o-matic), even if the risk is low in this case, it doesn’t mean a router can still be infected that way and such alert could have been valid, that error in the browser is not a real indication but if a AV does it, then you might consider checking virustotal how many of them say it is a detection :wink: