
SQ30112

Detected presence of suspicious files by a heuristic or machine learning algorithm.

priority | CI/CD status | severity | effort | RL level | RL assessment
         | pass         | medium   | high   | None     | malware: warning
Reason: suspicious components found

About the issue

Proprietary ReversingLabs malware detection algorithms have determined that the software package contains one or more suspicious files. The detection was made either by a heuristic algorithm or by a machine learning model. This malware detection method is predictive, and it can typically identify the malware family by name.

How to resolve the issue

  • Suspicious detections are lower-confidence detections, so first review the flagged files for malicious intent.
  • If the software's intent does not relate to malicious behavior, investigate the build and release environment for a software supply chain compromise.
  • Proceed with increased caution when using this software package.

Incidence statistics

ReversingLabs periodically collects and analyzes the contents of popular software package repositories for threat research purposes.

For every repository, the chart shows the percentage of projects that triggered the software assurance policy. In other words, it shows how many projects were found to have the specific issue described on this page.

The percentages are calculated from the total amount of packages analyzed:

  • RubyGems: 174K
  • NuGet: 189K
  • PyPI: 403K
  • NPM: 2.1M