go-IPFS detected as threat by Sophos AV

On my macbook running Sophos Anti-Virus (work-provided), this morning it began flagging go-ipfs as an “Active threat C2/Generic-A”, whatever that means.

I’m sure IPFS isn’t suddenly harboring a virus, but I wanted to bring this to y’all’s attention in case there’s anything that can be done to avoid false-positives. I know AV software often works in similar ways, so I wouldn’t be surprised if it happened in other AV clients as well.

False alarm, probably getting flagged due to it’s usage of P2P libraries

This is probably because the IPFS library mentions ipfs.io and we run the IPFS gatway on ipfs.io. Someone, somewhere, is linking to some virus at https://ipfs.io/ipfs/QmSomeBadFile.

Please report the false positive.