Warning

This post was published 41 days ago. The information described in this article may have changed.

Info

This post is auto-generated from RSS feed The Rust Programming Language Forum - Latest topics. Source: TcpStream is detected as malicious by some antivirus programs

Hello, good day to you.

I'm using Rust's documentation's sample code for initiating a simple TCP connection between two endpoints over network:
let mut stream = TcpStream::connect("192.178.40.50:34254")?;

This single line of code is detected as malicious by several antivirus applications, such as Emsisoft, Avira & EScan. (I've tested them myself, not via VirusTotal or any other online portals)

Interestingly, initiating TcpStream via other programming languages (such as C#, which is equivalent to TcpClient class) are not flagged as malicious.
I'm aware that C# cannot be easily compared to a language like Rust.
Nevertheless, this raises the question why such behavior depends on implementation language. Does Rust use a specific method/library for handling TCP connections?

I've also disabled AVs' firewalls, so that's not the case about blocking connections.
In addition to all of this, it is worth noting that these AVs mentioned do not report the file as malicious upon scanning manually, but only when it is executed, so this means they're literally preventing this specific 'behavior', which is connecting to an IP endpoint via TCP.

Is there a workaround to this?

I'm testing this on a Windows 10 machine, with x64 Portable Executable (.EXE) output.

Thank you in advance.

Regards,
Marco.

1 post - 1 participant

Read full topic

🏷️ Rust_feed