Hi, I’ve been using VCV Rack on Mac for quite some time and am currently running 2.6.4 on an arm64 (M2 Pro) Mac, but for the first time ever today I’ve had it come up in scan results from Malwarebytes. It specifically says the plugin.dylib file in various vendor subfolders under ~/Library/Application Support/Rack2/plugins-mac-x64/ contains “MacOS.Stealer.Poseidon”
I don’t know if these are false alarms or a genuine issue. So far, I’ve opted not to quarantine the files, but I’d like to understand if this is a vulnerability or problem before launching Rack again. If I can provide any more information to be of assistance, please let me know.
Just got the same. It’s probably a false positive due to the fact that VCV rack plugin .dll signatures use some pretty funky processing to do the good music stuff, and malware bytes likes to err on the side of extreme caution.