[manjaro-security] possible malware infection in last wine update

Roger PB rogerpeba at gmail.com
Fri Jan 22 22:47:59 CET 2021


Goodnight,


I am writing to this address, hoping it is the right place. If not, I 
apologize, and I would be grateful if you could, if possible and if you 
consider it appropriate, indicate the correct way to proceed.

The reason for sending this message is to report the detection of 
malware by the antivirus system in the process of updating the installation.

I am a Manjaro user, although my knowledge of Linux is not extensive.

My locale configuration is es_ES.UTF-8

I will explain the scenario and basic data:

Tonight (Spain time), when logging in, Pamac showed an update notice. 
Once the process was launched, the installed antivirus detected 
malware in the wine update. In my Manjaro installation I have ESET NOD32 
Antivirus 4 installed.

This is the log:

22/01/21 21:52:36 Protección en la precarga del acceso archivo 
/usr/lib32/wine/iexplore.exe una variante de Win32/GenKryptik.EZYZ 
Troyano desinfectado por eliminación root Se produjo un suceso en un 
nuevo archivo creado por la aplicación: /usr/bin/pamac-daemon 
(74FA34DE61015159E714C5422FE58428A00D8055).

Wine was updated to version 6.0-1

Operating System: Manjaro Linux
KDE Plasma Version: 5.20.5
KDE Frameworks Version: 5.78.0
Qt Version: 5.15.2
Kernel Version: 5.10.7-3-MANJARO
OS Type: 64-bit
Processors: 8 × Intel® Core™ i7-6700 CPU @ 3.40GHz
Memory: 31.3 GiB of RAM
Graphics Processor: GeForce GTX 1060 6GB/PCIe/SSE2

ESET:

Módulo de actualización    1076 (20200313)
Módulo del análisis antivirus y antiespía    1568.2 (20201214)
Versión de la base de firmas de virus 22690 (20210122)
Módulo de soporte de archivos comprimidos 1312 (20201223)
Módulo de heurística avanzada 1205 (20201209)
Módulo de desinfección    1214 (20200921)

Sincerely,

Roger PB.
