[moved] /usr/drone/bin/tmate detected as security threat?

We have automated security scans running on our resources, and we recently received the following alert:

Trend Deep Security has quarantined the following item(s) on i-03e6c205f3b7fb3ce:


The listed file(s) will be inaccessible. Please let us know if this is recognized as being needed for legitimate purposes and an exception can be added to allow it. 

Please let us know if you have any questions.

Unfortunately, they didn’t yet give us the exact warning type, looking to get that. Wondering if there is an issue here, or maybe a false positive or what? Our drone install is using the drone docker images, so hopefully no one has gotten access to drone’s docker credentials.

this is a false positive, please see Detected Linux/Hildegard.A!MTB in drone/drone-runner-docker:1

1 Like