Why my windows defender think my rust file is Trojan

Screenshot 2024-05-23 110926

My (non-expert) understanding is that the "!ml" at the end means it's a machine-learning detection, which is another way of saying it's guessing. If you search, there are lots of examples of antivirus software producing tons of false-positive results on Rust-built executables, many of them seem to involve machine learning and "AI".

As for the specific reason in this case, no one else has any way of knowing. We don't know what your code is doing, or what dependencies you are using, or what versions you're using. It might be legitimate (you could have a compromised dependency and you're just the first to encounter it, or maybe you installed Rust from a compromised source)... but again, we have no way of knowing.

That said, if "eth" is "ethereum", then doesn't that involve exactly what that message says? Smart contracts are programs which would constitute "executes commands from an [external party]".

You could try running the file through other antivirus packages via an online scanner and see if others identify the same thing.

2 Likes

To make an (un)educated guess: there weren't many rust executables in the datasets these tools were trained on. They look "different" and to some degree, that is equated to malicious by these ML tools.

Looks like the error message is telling the truth. If that is Etheream then it is downloading and running code. Pretty much the definition of a trojan.

1 Like

If you stretch the definition that far, then web browsers, Folding@Home, and video game clients are all trojans. The part where the program is malicious is important.

3 Likes

It's all a question of trust I guess.

This topic was automatically closed 90 days after the last reply. We invite you to open a new topic if you have further questions or comments.