Netease Lyrics: Retrieve lyrics from Netease Cloud Music!

[CharlieJiang]

@CharlieJiang

Running your Netease Lyrics plugin dll (v1.8.1) through VirusTotal, it gets triggered by 12 antivirus engines saying it contains a Trojan virus:



Can you comment on this?
 
 

I too tried to run the dlls in VirusTotal and got the same result, which is rather weird. The project has its source code publish at https://github.com/cqjjjzr/MusicBee-NeteaseLyrics and the codebase is extremely small so it can be easily audited, and you can build the project and again put it into VirusTotal.

I rebuilt the project from scratch using VS2022(17.6.1) and the result is the same, so I believe it's either

1. False positive from Antivirus engines. I used Fody.Weaver to weave dependency DLLs into single DLL so this may trigger false positive.;
2. The dependency is posioned. Again the dependency details is published in the GitHub repo (in packages.config). The project has only 4 dependencies (Costura.Fody 3.2.2, Fody 3.3.5, MSBuildTasks 1.5.0.235, Newtonsoft.Json 13.0.1), and none has been reported as posioned as far as I can search, so the possibility for dependency posioning is slim.

Could you try to rebuild the project from source and see if the virus flags persist?

[hiccup]

Thanks for the very fast and comprehensive reply CharlieJiang!

Could you try to rebuild the project from source and see if the virus flags persist?

You are over-estimating my capabilities. I am not a coder and have no clue on how to do this.

Maybe other users with coding talents can help in figuring out what is going on exactly?

P.S.
Most of the warnings seem to come from antivirus services that I have never heard of, so perhaps I would take those warnings with a grain of salt.
But Google, McAfee and BitDefender have good reputations.
If at least those three would be set to rest I personally probably would not be that worried anymore.

[hiccup]

P.S.
Do you happen to know about this plugin for QQ Lyrics?: https://getmusicbee.com/addons/plugins/473/qq-lyrics/

It also gets flagged by Google: https://getmusicbee.com/forum/index.php?topic=39622.msg214268#msg214268

[CharlieJiang]

P.S.
Do you happen to know about this plugin for QQ Lyrics?: https://getmusicbee.com/addons/plugins/473/qq-lyrics/

It also gets flagged by Google: https://getmusicbee.com/forum/index.php?topic=39622.msg214268#msg214268

I have no idea, sorry.

Someone in the GitHub issue suggested changing the GUID of the dll in AssemblyInfo.cs, and it did fixed the problem. The original one (c1acdbd8-6b22-4807-bba3-d0237ccd74c1) in my plugins are surprising the same since I copied the AssemblyInfo.cs from the MusicBee SDK demo untouched. Changing them to different ones solved the issue.



It seems that the AV softwares are indeed to be blame. I'll release further versions of those plugins with new GUIDs, but I'd like not to bother to release a version just for rolling the GUID.

[hiccup]

Someone in the GitHub issue suggested changing the GUID of the dll in AssemblyInfo.cs, and it did fixed the problem. The original one (c1acdbd8-6b22-4807-bba3-d0237ccd74c1) in my plugins are surprising the same since I copied the AssemblyInfo.cs from the MusicBee SDK demo untouched. Changing them to different ones solved the issue.

Great.
Thanks for the incredibly fast response, and sorry for my cry-wolf.