RRTj

A member registered Feb 11, 2019

Recent community posts

(2 edits)

Yes, apparently it is because of the "war in Ukrainian text" in the library code, to which Russian antiviruses react. I saw in the reports on my PC during installation that the file _postinstall.js, which contains the text about war, is marked there in exactly the same way...

I apologize to you if this post could offend...

(5 edits)

As I understand it, this happens because the JS library used in the project contains text that talks about Ukraine and is probably not a real security threat.
It could be dangerous if your time zone is from (UTC +2) to (UTC +12). 
Russian antiviruses such as Dr.Web and Kaspersky trigger on it.
The developer of Drafft is not to blame.

This is so stupid


----------------------------------------------------------------------------------
Original post
I want to share some observations about potential security risks related to recent Drafft installers. I am not an expert, but multiple antivirus alerts and suspicious behaviors have raised concerns. Below is a detailed breakdown for transparency. Please verify if others have experienced similar issues.

1. Drafft v1.4.5 (Itch.io Installer)

  • Antivirus Alert (Dr.Web):
    • Blocked during installation due to "Process Hollowing" (attempted modification of system files).
    • Installer freezes, creating unresponsive processes.
  • Post-Scan Findings:
    • Dr.Web flagged anomalies in System32\backgroundTaskHost.exe.
  • VirusTotal Results:
    • Installer v1.4.5 Hash: b89ea9ddaa22f9fc7034762fca55573f28a8017ef761c909b301d4c742204497

2. Windows Portable Version (Itch.io)

  • Antivirus Alerts:
    • Both Windows Defender and Dr.Web triggered warnings during extraction.
  • VirusTotal Results:
    • Portable ZIP Hash: a7ca47afe5f367ff593a3ac5be0265bc79ebcec3d0c4a8f94a531de616aebe59

3. Drafft v2.0.21 (Drafft.dev → GitHub)

  • Installer: Drafft-2-Installer-2.0.21-win-x64.exe
    • Flagged for JS.Siggen5.44590 (malicious JavaScript library).
  • VirusTotal Results:
    • Installer v2.0.21 Hash: c6127bf4963ab7c5802cf9abb5d4a24c483221476a8fe1f6f5109c14c4840e2d

Request to the Community

  1. If you’ve installed recent Drafft versions, please:
    • Run antivirus scans.
    • Check for unusual system behavior.
  2. Share your findings here to clarify if this is a false positive or a genuine threat.

P.S. to the developer: it seems to me that the site https://drafft.dev/ is not set up correctly, since without paying for a subscription you can easily get access to the installer download (I realized this only after a while, when I saw that there are price lists). Also, on the main page there are "Download" buttons at the top and a "Download for windows" button in the middle of the screen; they do not work, they just do nothing. A working download link appears only after going to "All downloads →".
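
One way to locate what a scanner is reacting to, as an added example that is not part of the posts above or of Drafft's code: walk an already unpacked copy of the application and list every file named `_postinstall.js` plus every `package.json` that declares an npm install-time script, each with its SHA-256 so the exact file can be compared against a detection report. It assumes the installer contents have been extracted to a directory; the package names and file contents in `demo()` are constructed.

```python
import hashlib
import json
import os
import tempfile

LIFECYCLE = ("preinstall", "install", "postinstall")  # npm scripts run at install time

def sha256_file(path):
    """SHA-256 of a file; manifests and hook scripts are small enough to read whole."""
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()

def find_install_hooks(root):
    """Return sorted (relative path, reason, sha256) for install-script candidates."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            if name == "_postinstall.js":  # file name taken from the post above
                hits.append((rel, "file named _postinstall.js", sha256_file(full)))
            elif name == "package.json":
                try:
                    with open(full, encoding="utf-8") as fh:
                        manifest = json.load(fh)
                except (OSError, ValueError):
                    continue  # unreadable or malformed manifest
                scripts = manifest.get("scripts") if isinstance(manifest, dict) else None
                declared = [k for k in LIFECYCLE if isinstance(scripts, dict) and k in scripts]
                if declared:
                    hits.append((rel, "declares " + ",".join(declared), sha256_file(full)))
    return sorted(hits)

def demo():
    """Scan a constructed tree; package names and contents are made up."""
    root = tempfile.mkdtemp()
    pkgs = {"example-lib": {"postinstall": "node ./_postinstall.js"},
            "clean-lib": {"test": "node test.js"}}
    for pkg, scripts in pkgs.items():
        os.makedirs(os.path.join(root, "node_modules", pkg))
        with open(os.path.join(root, "node_modules", pkg, "package.json"), "w") as fh:
            json.dump({"name": pkg, "scripts": scripts}, fh)
    with open(os.path.join(root, "node_modules", "example-lib", "_postinstall.js"), "wb") as fh:
        fh.write(b"// constructed sample file\n")
    return find_install_hooks(root)

if __name__ == "__main__":
    for rel, reason, digest in demo():
        print(digest, rel, reason)
```

To scan a real extraction, call `find_install_hooks()` with the directory path and read each listed file before deciding whether the alert is a false positive.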