Virus Total scan
Dom Woods - BGS
Tue Aug 22 14:12:51 GMT 2023
I scanned your application through Virus Total as per our company policy and noticed that the installation process calls out to a suspicious Microsoft IP 184.108.40.206, this ip has been flagged by 8 vendors as malicious, I get varying responses for what it is used for (an os updater or a file distributer) and wanted to ask what does Cygwin use it for? I can't seem to contact it with nslookup or ping it and Virus Total says that it gives a 'status 400' results so it might not be in use anymore anyway but just wanted to check.
Here is your Virus Total graph results: https://www.virustotal.com/graph/6bad4555154b3b348d1bfb633a2e9d6086aa46e36952f456a434ecef5b0010e0
Here is the scan of the IP address' results: https://www.virustotal.com/gui/url/3397a00da1c5aa448611892c12d38fee37fcd60321720a6e242cb0167e381901/detection
This email and any attachments are intended solely for the use of the named recipients. If you are not the intended recipient you must not use, disclose, copy or distribute this email or any of its attachments and should notify the sender immediately and delete this email from your system. UK Research and Innovation (UKRI) has taken every reasonable precaution to minimise risk of this email or any attachments containing viruses or malware but the recipient should carry out its own virus and malware checks before opening the attachments. UKRI does not accept any liability for any losses or damages which the recipient may sustain due to presence of any viruses.
More information about the Cygwin