Pinned Reply Admin (2 edits) (+2)

Hello, sorry for not replying to this topic sooner!

We actually do have automated virus scanning. VirusTotal is not accurate enough in a lot of cases for us to automatically suspend content, so typically content gets put into a review queue where we human review it. For example, the games you reported were actually suspended from review by us before we saw your topic about them.

Regarding the safety of files in general, keep in mind that anyone can publish a project page on itch.io. You should use the same discretion you use when downloading any program off the internet. If you think something is suspicious then don’t download it and report it. No virus scanner is perfect. We try to keep the files hosted safe and secure, but due to the nature of how we are a self-publishing platform servicing a large number of publishers, we can’t guarantee we’ve tested and verified every piece of software uploaded.

For added security you may want to investigate the sandbox within the itch.io app. It’s able to run games on a separate user account with restricted privileges. This can help block malicious software from having access to your files.

Alternatively, if you’re concerned about downloading software off the internet, we have a large selection of HTML5 games that can be played directly in your browser.

Thanks

All fine except that they were Android games, and had been marked as malware for a while by multiple vendors, so your automated scan wasn't much use. In fact much less use than either VT or OPSWAT in this case.
I know VT is not perfect, none are and the main issue with VT comes from being up to 1 month behind the current definitions, but in this case they were aware of the malware.
The first of the uploads was available for a considerable amount of weeks before I noticed it.
I would say that shows you need to revamp your process. If mods can't get through the list in time and the AV scanner is not flagging something for early review, what happens if you get twice as popular with twice the uploads?
Deal with it soon before necessity forces your hand when you have no choice and you are trying to clean up a mess.

There are easy ways to integrate VT or OPSWAT APIs into the site and client for the users' safety that do not have to change your internal structure of operations.

Note: Compared to PCs the AV software install count on mobile devices is low as many rely on the built-in protection.
Google Play Protect did not recognise any of them as a threat. This means vast amounts of users would blindly trust them due to false validation.
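
The following is an added example, not part of either post and not itch.io's code. It shows one way multi-engine results could order a human-review queue without auto-suspending anything: uploads flagged by several vendors, and listed for longer, rise to the top. The reports are constructed in the shape of VirusTotal API v3 file objects (`last_analysis_stats`); `upload`, `days_listed`, the thresholds and the scoring formula are assumptions.

```python
import json

# Constructed sample: trimmed reports shaped like VirusTotal API v3 file objects.
# "upload" and "days_listed" are hypothetical site-side fields; all values are made up.
SAMPLE_REPORTS = json.loads("""
[
 {"upload": "game-a.apk", "days_listed": 21,
  "data": {"attributes": {"last_analysis_stats":
    {"malicious": 14, "suspicious": 1, "undetected": 45, "harmless": 0}}}},
 {"upload": "game-b.zip", "days_listed": 2,
  "data": {"attributes": {"last_analysis_stats":
    {"malicious": 1, "suspicious": 0, "undetected": 68, "harmless": 0}}}},
 {"upload": "game-c.exe", "days_listed": 40,
  "data": {"attributes": {"last_analysis_stats":
    {"malicious": 0, "suspicious": 0, "undetected": 70, "harmless": 0}}}},
 {"upload": "game-d.apk", "days_listed": 5,
  "data": {"attributes": {"last_analysis_stats":
    {"malicious": 0, "suspicious": 0, "undetected": 0, "harmless": 0}}}}
]
""")

# Assumed thresholds (hypothetical; tune against your own false-positive data).
URGENT_ENGINES = 5   # several vendors agreeing is unlikely to be one noisy heuristic
REVIEW_ENGINES = 1   # a single hit is queued for a human, but not urgent

def triage(report):
    """Return (queue, score) for one report; nothing is suspended automatically."""
    stats = report["data"]["attributes"]["last_analysis_stats"]
    flagged = stats.get("malicious", 0) + stats.get("suspicious", 0)
    scanned = flagged + stats.get("undetected", 0) + stats.get("harmless", 0)
    if scanned == 0:
        return ("rescan", 0.0)  # no verdicts at all is not the same as clean
    # Exposure grows with time listed, so old flagged uploads rise to the top.
    score = flagged * (1 + report["days_listed"] / 7)
    if flagged >= URGENT_ENGINES:
        return ("urgent-review", score)
    if flagged >= REVIEW_ENGINES:
        return ("review", score)
    return ("no-action", 0.0)

def build_queue(reports):
    """Human-review queue, highest score first; clean and unscanned items excluded."""
    rows = [(r["upload"],) + triage(r) for r in reports]
    return sorted((r for r in rows if r[1].endswith("review")), key=lambda r: -r[2])

if __name__ == "__main__":
    for name, queue, score in build_queue(SAMPLE_REPORTS):
        print(f"{queue:14} {score:6.1f}  {name}")
```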