this post was submitted on 11 Mar 2024
26 points (88.2% liked)

Privacy

31859 readers
202 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

windows10 keepassxc.exe, ‎11.‎03.‎2024 ‏‎18:40:26, 52509, 140.82.121.5, lb-140-82-121-5-fra.github.com, 443 (https), tcp, Outbound, [B] Internal\BlockConnection

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 6 points 8 months ago* (last edited 8 months ago) (1 children)

VirusTotal doesn't indicate keepassxc.exe 2.7.7 contacts this address. I'd be careful. Check the binaries' signatures. Try a full install to see if that behaves differently.

keppassxc.exe: https://www.virustotal.com/gui/file/fea4df5024f83155f6742a3372a801fc6cc97ed82627b36fce6f0caed54506cf/relations

KeePassXC-2.7.7-Win64.msi: https://www.virustotal.com/gui/file/9c3dab957db0f769c4e67bfdf4f0134a65ecfa65c5569718a36aa88e649158cd

[–] [email protected] 3 points 8 months ago (1 children)
[–] [email protected] 3 points 8 months ago

140.82.121.5

Well, apparently, this is an A record for api.github.com. This name resolves to a different IP around the globe. See https://www.whatsmydns.net/#A/api.github.com

The IP is detected as "clean" on VirusTotal: https://www.virustotal.com/gui/ip-address/140.82.121.5/detection , although apparently (probably not surprising as it is github) is also a favorite address for everything including malware.

Maybe you can ask in the keepassxc discussion forum on github.