C|net adding malware/adware to NMAP downloads

LoLth

Dont know if anyone else has been following this one but fyodor went nuts at the C|net download site on the nmap mailing list after it was discovered that they are wrapping nmap downloads in adware/malware that changes the users search engine and homepage.This is despite C|net claiming on their site that they do not practise this tactic.

FYODORS response to C|NET:
http://seclists.org/nmap-hackers/2011/5

extract:

Hi Folks. I've just discovered that C|Net's Download.Com site has
started wrapping their Nmap downloads (as well as other free software
like VLC) in a trojan installer which does things like installing a
sketchy "StartNow" toolbar, changing the user's default search engine
to Microsoft Bing, and changing their home page to Microsoft's MSN.

The way it works is that C|Net's download page (screenshot attached)
offers what they claim to be Nmap's Windows installer. They even
provide the correct file size for our official installer. But users
actually get a Cnet-created trojan installer. That program does the
dirty work before downloading and executing Nmap's real installer.

C|NETS apology:
http://download.cnet.com/8301-2007_4-57338809-12/a-note-from-sean-regarding-the-download.com-installer/



really really the wrong type of software to go tampering with given the type of consumer likely to be downloading it imho.

syklops

Yeah, they really picked the wrong software to mess with.

That said, who would download nmap from download.com? I stopped trusting that site over a decade ago.

BaconZombie

They allot broke copyright law and GPL.

Have a read of fyodor's reply to the NANOG mailing list.

http://seclists.org/nanog/2011/Dec/160

syklops wrote: »

Yeah, they really picked the wrong software to mess with.

That said, who would download nmap from download.com? I stopped trusting that site over a decade ago.