Jump to content

Download.com serving up malware


Recommended Posts

Download.com a.k.a. C|Net download.com is no longer a safe location to download programs, because it now wraps the software in a Trojan Installer, detected as malware by major Anti-Virus programs.

This story was first reported back in August on the ExtremeTech site, when VLC was "trojanised" by Download.com. See "Download.com wraps downloads in bloatware, lies about motivations"

Now it has re-emerged, because another well-known program used by Computer Security testers (nmap) has also been "trojanised" by Download.com:

I've just discovered that C|Net's Download.Com site has

started wrapping their Nmap downloads (as well as other free software

like VLC) in a trojan installer which does things like installing a

sketchy "StartNow" toolbar, changing the user's default search engine

to Microsoft Bing, and changing their home page to Microsoft's MSN.

The installer is actually detected as malware:

In fact, if we UPX-unpack the Trojan CNet

executable and send it to VirusTotal.com, it is detected as malware by

Panda, McAfee, F-Secure, etc:


That bit.ly link will redirect you to virustotal.com for the test results.

Looks like download.com is no longer a safe place to go, for any downloads.


Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...