C|Net downloader flagged as Trojan - hijacks popular security tool

C|Net downloader flagged as Trojan...

For many IT professionals and geeks, download.com, which is maintained by C|Net, used to be the go to spot for all your shareware and freeware needs. However, that was then, and now, changes over at C|Net have stirred the pot, leading some security vendors to flag their unique software installation tool as Malware.

On Monday, Fyodor (Gordon Lyon) blasted C|Net when a new version of his Nmap software was hijacked by their installer application.

C|Net’s special installation suite will offer to install various third-party tools, as well as altering the browser’s homepage and default search options. With millions of applications available on download.com, not all of them are forced in to the hijacked installation process.

C|Net’s installer is only applied to any updated software package, so Nmap was flagged and taken over the moment version 5.51 was submitted to downloads.com.

“C|Net's download page offers what they claim to be Nmap's Windows installer. They even provide the correct file size for our official installer. But users actually get a C|Net-created Trojan installer. That program does the dirty work before downloading and executing Nmap's real installer. Of course the problem is that users often just click through installer screens, trusting that download.com gave them the real installer and knowing that the Nmap project wouldn't put malicious code in our installer,” Fyodor explained.

To make things worse he added, users will likely install the software as normal, assuming that the source is trusted. When they later access their browser, they’ll find several alterations, from toolbars to start page changes, and some will blame the Nmap project itself.

“In addition to the deception and trademark violation, and potential violation of the Computer Fraud and Abuse Act, this clearly violates Nmap's copyright. This is exactly why Nmap isn't under the plain GPL,” he added.

“Our license specifically adds a clause forbidding software which ‘integrates/includes/aggregates Nmap into a proprietary executable installer’ unless that software itself conforms to various GPL requirements (this proprietary C|Net download.com software and the toolbar don't). We've long known that malicious parties might try to distribute a Trojan Nmap installer, but we never thought it would be C|Net's Download.com, which is owned by CBS! And we never thought Microsoft would be sponsoring this activity!”

Software developers can email C|Net and request that their application not be included in C|Net’s installation suite, however, such requests will be examined on a case-by-case basis the.

“In other words, 'we'll violate your trademarks and copyright and squandering your goodwill until you tell us to stop, and then we'll consider your request 'on a case-by-case basis' depending on how much money we make from infecting your users and how scary your legal threat is. F*ck them! If anyone knows a great copyright attorney in the U.S., please send me the details or ask them to get in touch with me.”

It’s worth noting that the title Trojan is applied to C|Net’s installer, not only by those who are against what it does, but by the anti-Virus industry itself. BitDefender, F-Secure, GData, McAfee, ESET, and Panda all flag the installer when it runs on a system. Three of them actually call it a Trojan.

C|Net defends their installer, by pointing out that the additional installations are “clearly disclosed and provides the option to accept or decline the offer before proceeding with the download.”

“We only show offers for software that is approved for listing on C|Net Download.com. If you do not wish to use the C|Net Installer, we provide a link to the direct HTTP download URL below the main ‘Download Now’ button. You need to be logged in as a C|Net member to use this link.”

Earlier this summer, there were several complaints about the new installer, which led to various postings on the topic, including one from GHacks and one from ExtremeTech, each discussing a different tool.

CBS Interactive, the parent of C|Net and download.com would not discuss the financial aspects of any third-party partnerships.

Like this article? Please share on Facebook and give The Tech Herald a Like too!

From our Other Sites

Awesome Stuff Made Out Of Car Parts

An awesome picture has started doing the rounds showing a bathroom with sinks made out of car tires and faucets created from gas pumps. It’s the ideal bathroom for any discerning car nut. That got us thinking — what other stuff is there made out of car parts and car paraphernalia. Here are some of the coolest […]

Range Rover Evoque Convertible Confirmed

Land Rover has officially confirmed that the Range Rover Evoque Convertible will go on sale in 2016. The company released some publicity photos showing a prototype of the Evoque Convertible driving through train tunnels under construction in London. The company says use of the Crossrail tunnels let them test the convertible in privacy. A Land […]

Mercedes-AMG GT3 Racing Car to Debut at Geneva Motor Show

The company says the standard Mercedes-AMG GT already provides the ideal base for the race model, with low centre of gravity, good weight distribution and wide track width.The driver sits on a carbon-fibre seat pan and is protected by a roll-over cage made from high-tensile steel.The engine cover, doors, front wing, sidewalls, side skirts, diffuser, […]

Lamborghini Aventador Wallpaper

Lamborghini Aventador wallpaper for your desktop or mobile device. The Aventador LP 700–4  has a 6.5 liter V12 that will go 0–60 mph in  2.9 seconds and take you all the way to 220mph and maybe beyond.Each image links to a page with multiple sizes of wallpaper you can download.

Man Makes Tiny Edible Pancakes with Tiny Kitchen Tools (Video)

This Japanese guy cooks up some pancakes…nothing special there right? Well he uses tiny implements to do it and makes perfect little pancakes. Kinda cool and they look tasty!

What Color is this Dress?

White and Gold or Blue and Black?
Well this one has been trending all over the web, just what color is this dress? It all started in Scotland when the mother of a bride-to-be sent a picture to her daughter asking what she thought of the dress. The bride and groom each saw the image differently, this then got posted online and picked up by some viral sites. The lighting in the photo is probably causing different people to see it as either white and gold or blue and black. Prof Stephen Westland, chair of color science and technology at a university in the UK told the BBC that it was impossible to see what other people see but that it […]

McLaren 675LT Pictures

Some great shots of the forthcoming McLaren 675LT. This coupe will get you to 60mph in less than 2.9 second and go all the way to 205mph.

McLaren 675LT Details

McLaren’s 675LT will debut at this year’s Geneva show and promises some eye-popping performance. The coupe only 675LT has a 3.8 liter V8 that will get you from 0-60mph in less than 2.9 seconds and to 124mph in less than 7.9 secondsMore than a third of the parts have been changed compared with its stable mate […]

McLaren 675LT Wallpaper

Some cool McLaren 675LT Wallpaper. The McLaren 675LT is the latest coupe to come from the supercar maker and has a top speed of 205mph.Click on an image to open a page with multiple sizes that you can download to use as wallpaper for your mobile or desktop.More McLaren Wallpaper.

Octopus hunts on land, grabs crab (Video)

This crab is minding its own business searching the rock pools for food when suddenly an octopus leaps out of the water and grabs it. The amazing thing is that the octopus does not just jump on the crab it actually pulls it all the way back to the rock pool it came from. If you check the second video you will see it is not unknown for octopus to come out of the water and the one in the second video has a crab with it, though is not hunting one! Octopus Walks on Land at Fitzgerald Marine Reserve The video was taken by Porsche Indrisie in Yallingup, Western […]