Better Late than Never
Time to put out the Great Chicago Fire too.
This stuff has been burning computers for over a decade.
McAfee says a software company with more than 50,000 downloads on sites such as Download.com is distributing web browser hijacking and fraud malware. Researcher Santosh Revankar says Lavians Inc is pushing the Bing.vc browser redirect and home page hijacker which creates seeming problems that the company then attempts to fix …
"Large software download sites are a hated web relic in infosec circles because security checks are often scanty, while bundler installation programs make direct efforts to trick their users into installing unwanted apps that increase PC attack surfaces."
Maybe they should have a word with CNet as well, eh? I hate download wrappers. All of them.
This happens a fair few times with small software companies who fail to realise their dream that their software is either not liked or wanted as they had hoped, so a few (with no morals) in an effort to make some extra cash decide to screw over any real potential customers/users by packaging it with as much kickback malware as possible.
There is a great video (although a bit old) that covers the business models of such operations here for anyone that has time to watch:
https://www.youtube.com/watch?v=k2mdUcOXW6I
But their IP is owned by Linode
The other site sharing their IP is http://cheersc.com/ which sells "P2P movie player" and one called "Frozen Movie Player" which for $39.95 will play the movie "Frozen" online for "Free"
I am wondering if malware could be embedded in that too? hmm.
download.com and others are fantastic sites for training reverse engineering. You can always find applications which have been screwed with and hand them out as assignments.
Companies who allow their freeware applications to be downloaded from these sites are just asking for trouble. They'd serve the public better by hosting it on their own site, requiring registration/validation and ensuring an MD5 hash is provided.