[GH-ISSUE #2171] is vikunja binary packed with miner malware ? #6573

New Issue

GiteaMirror · 2026-04-20T17:10:12-05:00

GiteaMirror commented

2026-04-20 17:10:12 -05:00

Originally created by @pschonmann on GitHub (Jan 27, 2026).
Original GitHub issue: https://github.com/go-vikunja/vikunja/issues/2171

Pre-submission checklist

I have searched for existing open or closed issue reports with the same problem.

Description

Hi, wordfence says its obfuscated ELF miner. Its false positive ?

root@server:~# wordfence malware-scan /data/www/vikunja.site/app/vikunja/vikunja
                             
             ▓▓▓                                                                   
        ▓▓▓▓▓   ▓▓▓▓▓          _       __               __  ____                   
  ▓▓▓▓▓▓▓           ▓▓▓▓▓▓▓   | |     / /___  _________/ / / __/__  ____  ________ 
 ▓▓           ▓           ▓▓  | | /| / / __ \/ ___/ __  /_/ /_/ _ \/ __ \/ ___/ _ \
▓▓     ▓▓    ▓▓▓    ▓▓     ▓▓ | |/ |/ / /_/ / /  / /_/ /_  __/  __/ / / / /__/  __/
▓▓      ▓     ▓     ▓      ▓▓ |__/|__/\____/_/   \____/ /_/  \___/_/ /_/\___/\___/ 
▓▓    ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓    ▓▓                                       ____ _     ___ 
▓▓  ▓▓▓ ▓    ▓▓▓    ▓ ▓▓▓  ▓▓                                      / ___| |   |_ _|
▓▓▓▓▓   ▓    ▓▓▓    ▓   ▓▓▓▓▓                                     | |   | |    | | 
 ▓▓     ▓   ▓▓ ▓▓   ▓     ▓▓                                      | |___| |___ | | 
  ▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓                                        \____|_____|___|
                                                                                   
Scanning path: /data/www/vikunja.site/app/vikunja/vikunja
File added to scan queue: /data/www/vikunja.site/app/vikunja/vikunja
Processing file: /data/www/vikunja.site/app/vikunja/vikunja
ÏÏ¬4a/www/vikunja.site/app/vikunja/vikunja,7458,Obfuscated:ELF/ELFMiner.7458,Suspicious ELF file that is often used to hide a cryptomining software,"ELF>ø8Û@@8@@`
    ¬4
      XX@X@ xx@x@¨¨QåtdGNUÀGNU.b8
                                 ""óó;ÛGNUSGoyygB0K9kHE2mucusxAqP/ulddyAXkjwXwzc2ZhsKG/gYw3N9RJu5VmUkZQTwH3/ahYMrRk4ag0ilPd56VunÐJDQUPX!"
Found 1 suspicious file(s) after processing 1 file(s) containing 3.0 MiB over 1 second(s)

Vikunja Version

1.0.0~rc4

Browser and version

No response

Can you reproduce the bug on the Vikunja demo site?

No

Screenshots

No response

Originally created by @pschonmann on GitHub (Jan 27, 2026). Original GitHub issue: https://github.com/go-vikunja/vikunja/issues/2171 ### Pre-submission checklist - [x] I have searched for existing open or closed issue reports with the same problem. ### Description Hi, wordfence says its obfuscated ELF miner. Its false positive ? ``` root@server:~# wordfence malware-scan /data/www/vikunja.site/app/vikunja/vikunja ▓▓▓ ▓▓▓▓▓ ▓▓▓▓▓ _ __ __ ____ ▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓ | | / /___ _________/ / / __/__ ____ ________ ▓▓ ▓ ▓▓ | | /| / / __ \/ ___/ __ /_/ /_/ _ \/ __ \/ ___/ _ \ ▓▓ ▓▓ ▓▓▓ ▓▓ ▓▓ | |/ |/ / /_/ / / / /_/ /_ __/ __/ / / / /__/ __/ ▓▓ ▓ ▓ ▓ ▓▓ |__/|__/\____/_/ \____/ /_/ \___/_/ /_/\___/\___/ ▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓ ____ _ ___ ▓▓ ▓▓▓ ▓ ▓▓▓ ▓ ▓▓▓ ▓▓ / ___| | |_ _| ▓▓▓▓▓ ▓ ▓▓▓ ▓ ▓▓▓▓▓ | | | | | | ▓▓ ▓ ▓▓ ▓▓ ▓ ▓▓ | |___| |___ | | ▓▓▓▓▓▓▓▓▓▓▓▓ ▓▓▓▓▓▓▓▓▓▓▓▓ \____|_____|___| Scanning path: /data/www/vikunja.site/app/vikunja/vikunja File added to scan queue: /data/www/vikunja.site/app/vikunja/vikunja Processing file: /data/www/vikunja.site/app/vikunja/vikunja ÏÏ¬4a/www/vikunja.site/app/vikunja/vikunja,7458,Obfuscated:ELF/ELFMiner.7458,Suspicious ELF file that is often used to hide a cryptomining software,"ELF>ø8Û@@8@@` ¬4 XX@X@ xx@x@¨¨QåtdGNUÀGNU.b8 ""óó;ÛGNUSGoyygB0K9kHE2mucusxAqP/ulddyAXkjwXwzc2ZhsKG/gYw3N9RJu5VmUkZQTwH3/ahYMrRk4ag0ilPd56VunÐJDQUPX!" Found 1 suspicious file(s) after processing 1 file(s) containing 3.0 MiB over 1 second(s) ``` ### Vikunja Version 1.0.0~rc4 ### Browser and version _No response_ ### Can you reproduce the bug on the Vikunja demo site? No ### Screenshots _No response_

GiteaMirror closed this issue

2026-04-20 17:10:12 -05:00

GiteaMirror commented

2026-04-20 17:10:13 -05:00

@kolaente commented on GitHub (Jan 27, 2026):

To the best of my knowledge, it does not contain any malware. This is a common problem with Go binaries.

Similar thread in the forum: https://community.vikunja.io/t/backend-windows-builds-virus-detection-false-positives/284

If you're still concerned, you can always compile from source.

@kolaente commented on GitHub (Jan 27, 2026): To the best of my knowledge, it does not contain any malware. This is a common problem with Go binaries. Similar thread in the forum: https://community.vikunja.io/t/backend-windows-builds-virus-detection-false-positives/284 If you're still concerned, you can always compile from source.

Sign in to join this conversation.

Branches Tags

main

renovate/dev-dependencies

feat-v2-foundation

dependabot/npm_and_yarn/frontend/axios-1.15.2

spike-huma-openapi3

claude/investigate-swagger3-support-nyyUa

feat-list-view-buckets

ci-mysql-8-test

codex/analyze-codebase-for-email-task-feature

feat-project-templates

csv-import-feature

claude/email-reply-comments-wpdcQ

fix-oidc-pkce-support

fix/overview-subtasks-expand

feat/bucket-select-task-detail

feat-soft-delete-projects

claude/review-bot-design-plan-cf5C3

claude/project-scoped-api-tokens-KTqR3

claude/explore-openclaw-integration-KQEzg

claude/project-scoped-api-tokens-yv5KS

fix-duplicate-close-button

feat-list-view-sorting

feat/official-vite-sentry-plugin

feat/highlight-overdue-tasks

feat/add-enter-key-form-submission-handling

feat/TipTap-nits

feat/update-caldavtimetotimestamp-parsing

feat-phosphor-icons

wip-plans

claude/investigate-issue-2173-llKme

fix-description-text-drag

feat-custom-keyboard-shortcuts

pr-1845-ci

codex/fix-drag-and-drop-behavior-inconsistency

copilot/add-clickable-labels-for-filtering

copilot/fix-issue-1786

playwright-migration

fix-kanban-repeating-wip

copilot/fix-1498

feature/replace-axios

codex/upgrade-to-tailwind-4.1.8-using-pnpm

codex/add-cypress-test-for-avatar-types

feature/biome

feature/oxc

codex/update-flexsearch-to-0.8.205

4r6ni9-codex/fix-deprecated-sass-@import-usage

codex/fix-deprecated-sass-@import-usage

codex/add-cypress-test-for-task-list-refresh-fix

codex/fix-quick-add-magic-not-adding-tasks

codex/fix-all-type-errors

codex/fix-mimetype-for-docs.json

feature/caldav-from-scratch

feature/gh-actions-hetzner

fix-ci

feat/new-logger

jyte-better-dev-config

feat/add-team-member-with-enter

fix/button-and-icon-types

fix/notifications-component-name-collision

feature/null-time

renovate/tailwindcss-4.x

feature/unplugin-vue-router

fix/deprecated-import

feature/zod-schema

renovate/golangci-golangci-lint-1.x

fix/tiptap-editor-reactive-destructuring

release/0.24

feat/improve-add-task

fix/saved-filter-search

feat/webp-and-avif-attachment-previews

feature/migrate-back-to-bulma

fix/sass-add-missing-list-import

feature/sticky-demo-bar

fix/gantt-view-switch

feature/typesense-position-join

feature/focus-visible

dependencies/golangci-lint

feature/better-filter-syntax

fix/tiptap-task-list

renovate/github.com-golang-jwt-jwt-v4-5.x

feature/hide-forbidden-related-tasks

renovate/golang-1.x

release/0.20

release/0.17

release/0.16

release/0.15

release/0.14

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/vikunja#6573