SQ30108

Detected presence of malicious files by a machine learning algorithm.

| priority | CI/CD status | severity | effort | RL level | RL assessment |
| --- | --- | --- | --- | --- | --- |
|  | fail | high | high | 1 | malware: fail |
Reason: malicious components found

About the issue

Proprietary ReversingLabs malware detection algorithms have determined that the software package contains one or more malicious files. The detection was made by a machine learning model. This malware detection method is considered proactive, and can typically identify the malware threat type. The detection is strongly influenced by the behaviors that software components exhibit. Behaviors similar to those of previously discovered malware and software supply chain attacks may cause some otherwise benign components to be detected as malicious.

How to resolve the issue

  • Inspect the behaviors exhibited by the detected software components.
  • If the software behaviors differ from expected, investigate the build and release environment for software supply chain compromise.
  • Avoid using this software package until it is vetted as safe.
  • Consider rewriting code that may have triggered the detection due to its malware similarity.

Incidence statistics

ReversingLabs periodically collects and analyzes the contents of popular software package repositories for threat research purposes.

For every repository, the chart shows the percentage of projects that triggered the software assurance policy. In other words, it shows how many projects were found to have the specific issue described on this page.

The percentages are calculated from the total number of packages analyzed:

  • RubyGems: 174K
  • NuGet: 189K
  • PyPI: 403K
  • NPM: 2.1M