I just downloaded the simcraft nightly from the official download server and as soon as I ran it windows defender (Windows 10) flagged a trojan called Wacatac.B!ml.
not sure if this is a false positive or not
Google searches say it’s both a real threat and a false positive.
Defender seems to have removed it.
This is just a heads up.
I’ll skip simcraft for now until I find out what’s going on.
Simcraft isn’t slipping in trojans.
I’m not saying they are
I’m reporting what Defender told me
the log says
Detected:Trojan:Win32/Wacatac.B!ml
Affected Items:
file: C:\Users\Garce\Downloads\simc-1025.01.f48492c-win64\simc.exe
What I was able to find is the file is Malware.
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Virus:Win32/Wacatac.B!ml&ThreatID=2147774417
I’m assuming the win32 is reference to the directory it was found.
Thats a protected directory tree in Windows.
So me running simcraft as a user should not have allowed anything from simcraft to write to that location.
I’m running full scans on all my drives, over 20TB of storage. So this will take a little while:(
Not sure what has write permissions, but I hope to find out soon
If all else fails I’ll reboot to one of my linux installs and scan from there.
Why on earth do you need this much
for the average linux user, that’s nothing!
If you are truly worried, highlight it to SimC themselves. Makes no sense why they would knowingly want to slip malware and screw themselves in the process.
To make life like 3D renders requires high quality maps. This can be several GB per character.
These aren’t for game avatars, though one can reduce the mesh density and the maps from 4k-8k down to 512-1024 to make them more game ready.
Some of these assets I had to pay for, and they get expensive very quickly. So I also keep back ups on a separate portable drive. Which happened to be plugged in at the time cuz I was playing with my 3D art stuff instead of playing WoW.
I will later, but I think simcraft may just be a point of exploit and not the real problem.
I never ran simcraft as admin on Windows so it wouldn’t have had the permissions to write to a protected folder.
as far as I know a process would need an UAC or a running service installed as admin to get the write perms.
Alright yea 3d art does explain it
Continue on, storage man
If it’s a legit positive, there’s a few ways this could happen without the authors knowing.
It’s the machine where the AI resides.
I read that as “on” and it made me giggle.
I bought and installed Avast for Windows and ran scans with it also.
Avast found nothing
At this point I’m confident that windows Defender dealt with whatever it was.
If something else pops up I’ll report back to the simcraft team.
Right now, I have nothing to tell them other than Defender found this trojan and removed it and I seem to be the only one experiencing this.
If others experience the same thing, then I would be more inclined to believe there is a problem with the simcraft downloads. That’s the reason I posted here. To raise awareness and nothing more.
I keep misreading the title as “Simcraft Trojan Dejected”.
Who has been mean to Simcraft Trojan? And who named them that?
Long live Skynet!
LOL!!!
It’s those special kind of keys I hear people are running these days. 