For the last month or two, my AV blocks their site because it detected a ScrInject.B trojan.
And yes, it’s the correct site (monkrus.ws).
VirusTotal also shows 4 security vendors register it as malicious.
Are these all false positives or is monkrus’s site no longer trustworthy?
r/GenP talks about the safety of monkrus in their wiki: https://www.reddit.com/r/GenP/wiki/patchmethods/
Most people who claimed they got malware from the Adobe collection repack had either downloaded it from an unofficial source, downloaded from YouTube, or downloaded other pieces of sketchy software - just so happens that a monkrus repack was the last thing they installed. Then there are others who have been using monkrus for years and haven’t had issues.
In the Quttera analysis, the malicious files are from a blacklisted domain [
M.BL.Domain.gen
], fv20[.]failiem[.]lv - this is a file host from Latvia. The files being flagged probably aren’t malicious, though if this host isn’t taking down malware, it would make sense that they are blocked by some antivirus companies. Especially since Quttera isn’t checking the torrents - they are uploaded to other sites.All in all, if you have any doubts, don’t install it. Check out GenP instead of you don’t really trust monkrus!
Wait how do you get a virus downloading from youtube, using some sketchy youtube download site? Yt-dlp is good right?
I probably should have specified - downloading cracked software from a YouTube video. Downloading videos from YouTube is fine with tools like yt-dlp.
Whew scared me lol. Thanks!