Tomarkus wrote:Hacking into sites sometimes happens and sometimes and along with the application you can get a keylogger or a crypto miner as a freebie - that's the case I'm afraid of.
Yes a supply chain hack is possible but I see no evidence of that happening in this case.
Tomarkus wrote:As for my Windows Defender, it runs on absolutely default settings and I have changed absolutely nothing.
I just scanned the .exe on my other system which does run Windows Defender and it passed.
Do you have "Controlled Folder Access" enabled in Defender? That's the only option I have turned off, all the other options are enabled.
No one else is reporting the issue yet and none of us can reproduce it so at this point it appears to be a false positive. I just downloaded the file again this morning so it should be up to date.
EDIT: OK I normally don't do this but I downloaded directly on my studio computer (I normally download on this system then move the files by USB stick) and Windows defender allowed the download to complete and then scanned the .zip file as clean.
So I don't know what's going on. You'd think that Windows Defender would react the same way to the same file. I assume you've tried to download again today?
My Defender definition file is 1.385.169.0 created on 15 March at 10:17pm
Anyway if you're still uneasy then you could send a support request to Synapse or wait for the owner Richard to post here.