3

For context: about every month, Stack Exchange publishes an XML data dump of all posts and comments on all sites to the Internet Archive, so that all CC-licensed content is retained in a permanent archive.

It seems like in the latest data dump, some content from this site, Monero, was recognized as "malware", and this resulted in Internet Archive's servers automatically removing all but three previously published data dumps from all sites.

What content was recognized as "malware", and why? What can be done to prevent any future mis-recognitions as "malware" of any content here or on other sites?

2
  • 1
    We were directed to this. It's a needle in the haystack trying to find the post(s) with the issue. Commented Sep 7, 2021 at 15:59
  • 1
    What is the last known non-malware dump? Commented Sep 7, 2021 at 16:09

1 Answer 1

Reset to default
4

It seems like there is a question about coinhive that is causing this to happen. Posts with code snippets to do in-browser crypto mining get blocked by some AVs. For example, saving this question to HTML and putting it on VirusTotal shows that it gets blocked by 16 security vendors.

Coinhive doesn't exist anymore, so closing+deleting all of those questions should fix the issue.

2
  • 1
    Unfortunately, removing those won't resolve the issue. I removed them from the Posts.xml file and we're still tripping the scan Commented Sep 7, 2021 at 17:11
  • 2
    @Taryn It's better though: in that scan MaxSecure, Antiy-AVL, GData, and McAfee-GW-Edition no longer detect anything. Commented Sep 7, 2021 at 17:15

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.