Jump to content

WARNING: Cnet/Download.com Distributing Malware


Recommended Posts

Posted (edited)

[ Topic slightly hyped to get attention :rolleyes: ]

 

A heads-up for those of us who use the various freeware download mirrors on the Intarwebs:

 

Cnet/Download.com has started wrapping the original Windows installer for various well-known freeware programs in a trojaned installer of its own devising. The Cnet installer does things like installing a "StartNow" toolbar, changing the user's default search engine to Microsoft Bing, and changing their home page to Microsoft's MSN.

 

Yes, the ImgBurn installer also offers similar 'bling', but in a non-sneaky way that is opted out by default and is easily avoidable if you don't want it (in my experience).

 

Cnet has not been hacked - it's a change to their official policy.

 

Their installer does apparently make it clear what they're doing (albeit that it opts you in by default), but is deceptive in that it gives the user something other than the clean original and genuine installer they were expecting to download. So long as your eyes are open and you don't blindly click 'Next' on the installer wizard screens then apparently you'll avoid the adware you didn't want.

 

I'm posting this simply to warn about the new and changed behaviour.

The new policy is documented here

 

I learned about this issue from the NMAP users' mailing list:

http://seclists.org/nmap-hackers/2011/5

which has a link to a story at ExtremeTech, dated August 2011, about the beginning of the new behaviour :

http://www.extremetech.com/computing/93504-download-com-wraps-downloads-in-bloatware-lies-about-motivations

 

Users report that downloads of the latest version of VLC from Cnet are now being wrapped, and all new versions of other programs will get the treatment as they are released.

 

ImgBurn does not include Cnet/Download.com in it's official list of mirrors.

Edited by scuzzy
Posted

Never had any issues with downloading stuff from them. Perhaps if you are trigger happy...

 

7. Are any additional items installed on the users machine?

 

The Download.com Installer does not install itself on the user's system and does not leave behind and additional components. If the user accepts an offer for 3rd-party software during their download the additional items that they've agreed to will be installed on their system.

Posted

Never had any issues with downloading stuff from them. Perhaps if you are trigger happy...

Me neither (and they always used to be on my "trusted" list of download sites). Then again, they only started doing this sometime this Autumn, and I haven't downloaded anything from them since early this year.

 

I blame the bankers ;)

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.