Download.Com Caught Adding Malware to Nmap & Other Software

Posted on Wednesday, December 07, 2011 @ 17:01:21 PST in Security
by Raven

Southern writes:  
CNET's Download.Com is one of the most popular (currently ranked #174 worldwide by Alexa) and longest-running (been around since 1996) major sites on the Internet. As a download repository, their key value ad was that they screened software to avoid malware, spyware, ad-ware, viruses and other harmful content that certain shady software contains. Even many security experts recommended them as a safe place to download software online. Download.Com is run by CNET, which is part of the 17-billion dollar CBS media empire. Many people assumed that a major site like this wouldn't resort to unethical monetization schemes like adding spyware and other malware to their downloads.

Unfortunately, those people were wrong.
In August 2011, Download.com started wrapping legitimate 3rd party software into their own installer which by default installs a wide variety of ad-ware and other questionable software on users machines. It also does things like redirect user search queries and change their Internet home page. At first their installer forced people to accept the malware or close the installer (see screen shot of infected VLC installer in this article). Later they added a non-default "decline" button hidden way on the left side of the panel. Also, the initial installer shown in the previous screen shot claimed the software was "SAFE, TRUSTED, AND SPYWARE FREE". In an unusual show of honesty, they removed that claim from the rogue installer.

more: Insecure
 
 
click Related        click Share
 
News ©

Site Info v2.2.2

Last SeenLast Seen
Server TrafficServer Traffic
  • Total: 344,043,719
  • Today: 42,471
Server InfoServer Info
  • Dec 14, 2017
  • 04:29 pm PST
 
 

Daily Inspiration