Kryptik.IA trojan

ESET Endpoint Antivirus has identified a “Kryptik.IA” trojan in many of the inductive automation software files on my machine and throughout my company’s computers. Any idea what this is. Example infected files include:

C:\Program Files\Inductive Automation\Ignition\data\jar-cache\recipeinstaller__682368977__recipeinstaller.jar
C:\Program Files\Inductive Automation\Ignition\user-lib\modules\Recipe-Installer-module.modl
C:\Program Files\Inductive Automation\Ignition\user-lib\modules\Recipe-module.modl

It’s probably a false positive. Seems to be taking issue with the contents of the Recipe module and installer for some reason. I’ll point one of the Sepasoft guys to this thread and he can look into it further with you.

We are not seeing any detection here with the AV software we use. I directly scanned the installer and then unzipped the .modl file and scanned each file but did not get any detection. The AV we use is checking for Kryptik.IA in Win32 and java.

When you say many, are there other files where this is detected? Is it all the installers?

Pete Low
Tech Support

1 Like