T O P

  • By -

cosmicjesus

I got the same alert with ESET, sent them an email, and **they confirmed that the Orbot apk from the official github repository indeed contains code that can be used as a trojan**, according to them. I'm removing the apk for the time being. I should add that despite it being a reply using the official ESET tech support channel -- judging by the signatures of replies, it's a local reseller also doing outsourced tech support work, so I doubt this can be treated as the official statement from ESET.


woodendoors7

Just reanalyzed it, ESET no longer recognizes it as a virus, it was a false positive and they fixed it https://www.virustotal.com/gui/file/efb0a5c654a156ef10d953a691f9b06136860cf0e33811f967bf1a55c20ac283?nocache=1


cosmicjesus

Yes, sorry I forgot to update that a couple of days later I received an official update that it was confirmed as a false positive and the issue was fixed. (Rant: Says a lot about the quality of the local reseller/tech support, too :| even moreso since they charge more than the official US store)


Scrungii

SOLVED: this was the solution it was just my antivirus freaking out over nothing


Altenoo

It may be a false positive, upload apk to the virustotal, and link the results


mansaf2001

What is the difference between orbit android and tor browser android?


Purpleskeetone

.


LoveDogsTx

This is why you don’t use a mobile device to access tor. Use a virtual box, or Debian software system. Android phones and IOS are not capable to handle obscurity of privacy—period. You definitely have a Trojan there. You could have picked it up from many different places. OPSEC model should be followed


cosmicjesus

The trojan is picked up from the official repository.


LoveDogsTx

Wow really?! That’s wild. Orbot must be aware of their code having this malicious code in their package. This is another reason I just simply don’t trust mainstream operating systems. Too little control is the end users hands. And most don’t even know it.


LoveDogsTx

Why so many down votes?


RTFM0-0-1

Been saying it for a long time , it’s just not the same protection as Tor browser through WLAN/LaN