Trojan detected in Windows 10 Simple Installer for GnuPG Modern

Peter Lebbing peter at
Sat Jan 28 22:37:22 CET 2017

On 27/01/17 21:56, Jacob Lyles wrote:
> GnuPG download: gnupg-w32-2.1.18_20179123.exe
> (sha256 1FD01E24F65465DFD075B8AD55A58EAEE13E79C02C42096C325A7CCF5A1EB283) "Simple
> installer for GnuPG modern"

This is indeed truly the file signed by Werner's dist sig key:

$ gpg2 --verify gnupg-w32-2.1.18_20170123.exe{.sig,}
gpg: Signature made Mon 23 Jan 2017 22:12:23 CET
gpg:                using RSA key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
gpg: Good signature from "Werner Koch (dist sig)" [full]
gpg: werner koch (dist sig): Verified 1 signature in the past 5 minutes, and
     encrypted 0 messages.
$ sha256sum gnupg-w32-2.1.18_20170123.exe
1fd01e24f65465dfd075b8ad55a58eaee13e79c02c42096c325a7ccf5a1eb283  gnupg-w32-2.1.18_20170123.exe

(albeit that you accidentally typed a 9 in the date in the filename)

I suspect it's a false positive, but somebody else will need to check.



I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170128/71b3e23e/attachment.sig>

More information about the Gnupg-users mailing list