
Commit d7bd259

Fix a few typos in the post
1 parent d071819 commit d7bd259

File tree

1 file changed

+5
-6
lines changed


site/blog/mistaken-for-malware/index.md

+5-6
@@ -60,11 +60,11 @@ To my utmost surprise, that check was positive — BitDefender Theta thought it
6060
That immediately smelled like a false positive to me. First, no other vendor detected anything, not even BitDefender's other product.
6161
Nonetheless, I carefully looked at the output of `strace` for soupault 4.6.0 running on a clean VM — there were no system calls I wouldn't expect,
6262
certainly no network connections to a C&C server. I downloaded samples of actual Mirai executables and compared `strings`, `objdump -d` and `hexdump` listings just to be sure —
63-
there certainly wasn't anything like that in my executables. Mirai that samples I could find used `wget | sh` to fetch their "updates".
64-
Soupault executables didn't contain any domain names other than soupault.app (in its help messages and default configs), and there was no code that could make network connections.
63+
there certainly wasn't anything like that in my executables. Mirai samples that I could find used `wget | sh` to fetch their "updates".
64+
Soupault executables didn't contain any domain names other than soupault.app (in help messages and default configs), and there was no code that could make network connections.
6565

6666
I assumed that the BitDefender mis-detection was a likely cause of the domain block, so I decided to try some options to make the Linux executable pass the check.
67-
I found that when I ran `strip` on it, it was no longer detected as malware. That was also the final confirmation that it was false positive — whatever caused BitDefender Theta
67+
I found that when I ran `strip` on it, it was no longer detected as malware. That was also the final confirmation that it was a false positive — whatever caused BitDefender Theta
6868
think it was infected, it wasn't even in the ELF sections that actually determined program's behavior.
6969

7070
I intentionally distribute soupault executables unstripped so that users can get informative exception traces if there are any bugs that lead to unhandled exceptions.
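Review bot: two typos in this same passage survive the fix. The sentence that runs from line 67 into unchanged line 68 reads "whatever caused BitDefender Theta think it was infected", which needs "to think", and line 68's "that actually determined program's behavior" needs "the program's behavior". Since this commit is already touching line 67, it would be cleaner to fix both here rather than in a follow-up; the line 68 change also keeps the point of the paragraph intact, namely that `strip` removing the detection shows the trigger was not in the sections that govern what the program does.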
@@ -85,7 +85,6 @@ I sent them a detailed report on my findings, you can find a copy of it in the [
8585
I received a reply within the same day from them.
8686

8787
<blockquote>
88-
Jun 22, 2023, 13:37 UTC
8988
Hello Daniil,
9089

9190
Thanks for contacting Quad9 support.
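Review bot: deleting the "Jun 22, 2023, 13:37 UTC" line removes the only dated evidence for the preceding claim on line 85 that the reply arrived "within the same day", and it is a content change rather than the typo fix the commit message describes. If the timestamp was dropped for layout reasons inside the `<blockquote>`, consider keeping the date in the prose instead, for example "I received a reply from them the same day (June 22, 2023)", so the timeline of the report and response stays verifiable.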
@@ -131,7 +130,7 @@ I had to resort to contacting VirusTotal, which has a contact form on the websit
131130

132131
<img src="virustotal_contact_form.png" alt="VirusTotal contact form">
133132

134-
I made it very clear that I understand that VirusTotal is just an aggregator and isn't responsible for false positives, and I asked them to either communicate
133+
I made it very clear that I understood that VirusTotal was just an aggregator and wasn't responsible for any false positives, and I asked them to either communicate
135134
my findings to BitDefender or point me to their contact information. They shared a list of vendors' virus submission email addresses with me,
136135
so finally I could send my report to BitDefender.
137136

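Review bot: the tense change on line 133 is right, but the sentence that continues onto unchanged line 134 still has an ambiguous pronoun: "communicate my findings to BitDefender or point me to their contact information" can be read as either VirusTotal's or BitDefender's contact information, given that "them" in the same sentence refers to VirusTotal. Suggest "point me to BitDefender's contact information", which also matches the outcome described on lines 134 and 135 (a list of vendors' submission addresses).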
@@ -140,7 +139,7 @@ Well, better than nothing, I suppose.
140139

141140
<h2 id="guild-by-association">Guilt by association?</h2>
142141

143-
While poking around VirusTotal, I discoverd that for registered users, it has a "Graph" feature. The graph for soupault.app shows an association
142+
While poking around VirusTotal, I discoverd that, for registered users, it has a "Graph" feature. The graph for soupault.app shows an association
144143
with its IP address, which belongs to Google Cloud Platform (where Netlify hosts its web servers), and has a history of detections as malicious.
145144

146145
<img src="virustotal_graph.png" alt="VirusTotal graph page for soupault.app, showing its IP address in Google Cloud, with a history of malware detections">
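Review bot: "discoverd" on the changed line 142 is still misspelled and should be "discovered"; since the commit is adding commas to that exact line, the spelling fix belongs in the same hunk. Separately, the heading on unchanged line 140 has `id="guild-by-association"` for the text "Guilt by association?"; if no external links point at that anchor yet, correct the id to `guilt-by-association` now, otherwise leave it and note the mismatch, because renaming a published anchor silently breaks inbound links.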
