False Positives - ELF:MiraiDownloader-OG [Drp]

[marthacolli]

I have/had? the same problem two days ago and again yesterday after running several deep scans with the scan for tools option checked.  If you look at one of the files that is reported as infected (dyld_shared_cache_arm64e), it seems whatever it was overwrote an original and named it arm64e1.  But if you note the creation date of the newer file then look for any apps installed/updated on that same date you may notice a whole host of Apple apps with that exact same time stamp.  None of the many other apps I installed had that particular time stamp so I'm putting it down to Apple updating some system file/s while also updating their apps at the same time or should that be whenever they downloaded to my mac.  If it's resolved that is great to hear! I'll run another deep scan to see if I come up with the same result you guys got!

[markebeast]

I am having the same problem, as every scan I make I get either 1 or 3 of these alerts. They get resolved and if I run another scan, it shows up again.  vidmate 2014 mobdro app

[polonus]

Do you recognize anything with these endings conmnecting lately?
Look here:
Mirai-all-sorts: https://urlhaus.abuse.ch/browse.php?search=Mirai

Also probably AVG detections/FP's involved here as well:
https://support.avg.com/answers?id=9065p000000kF91AAE

And the coarse reply here on Apple's discussions: https://discussions.apple.com/thread/254371312?page=2

We have seen posts like this from just about every A/V product over the years where users panic when they see these false positives.

polonus