Possible malware detected after Bruno crash on WSL (Gafgyt backdoor)

[cramara]

While using Bruno on WSL, the application crashed, and shortly after, Windows Defender triggered a security alert. The alert flagged a file as a known backdoor:

"Gafgyt" backdoor was prevented
File: wsl-crash-[timestamp]snap_bruno[...]

Our internal IT team (DSI) confirmed the detection and blocked the threat.

[helloanoop]

Bruno is a filesystem-based API client that inherently interacts with the local filesystem. Reading and writing files, executing scripts, and spawning subprocesses are integral parts of its standard functionality, and these actions may trigger security alerts.

However, if your security team identifies any malicious or suspicious activities beyond these normal operations, please notify us immediately at security@usebruno.com