Upon running a modpack with this mod bitdefender has marked it as infected
The file D:\ATLauncher\instances\TerraFirmaGreg\mods\Ksyxis-1.2.2.jar is infected with Trojan.GenericKD.72678267 and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

BitDefender no longer flags 1.2.2 as infected, other vendors should follow shortly

hopefully fixed in 1.3.0.

k

@Treazul either your specific JAR is infected, your PC is infected with something else or you're getting man-in-the-middle-attacked: https://www.virustotal.com/gui/file/8e97bb392718099d54377738a3501284eef98fbd54f6b46b4350fc9267ef4d47

for fs sake, what they don't like

maybe they don't like the way it uses a lot of method injections like here for multiversion support

what's funny, the latest gh actions snapshot is not being detected (even after reanalyzing) by any vendor

*got this on mod version 1.2.2, the file extension isn't .jar, it's .bNIhAX

the full file my av shows is Ksyxis-1,2,2,jar.bNIhAX

download method: modpack via prism launcher, downloading from modrinth.

trying to download the mod again seems to end with a random string as the file extension, not just ".bNlhAX"

my AV is called "Vipre".

@Dorrivix it seems like your antimalware renames it

it doesn't trigger with downloading version 1.2.1

well it also doesn't with 1.2.3-SNAPSHOT, you can reverse engineer 1.2.2 JAR and find nothing there. it was probably incorporated in some bigger malware (such as infected Minecraft modpack) and now antimalware flags it. i will not update JAR until I'll add 1.20.5 compat in a few days.