[nsp-sec] Fwd: C|Net Download.Com is now bundling Nmap with malware!
William Allen Simpson
william.allen.simpson at gmail.com
Wed Dec 7 05:20:52 EST 2011
On 12/6/11 12:41 PM, Peter Moody wrote:
> Re-scanning the downloader that cnet is offering for nmap gives me different results [1] (the hashes are different, maybe they aren't bundling anymore?)
>
> I'll ping fyoder.
>
> Cheers,
> peter
>
> [1] http://www.virustotal.com/file-scan/report.html?id=19d29395a7889a33b42d359388539f9423859cfe7778e281d337ef8b9cc997df-1323192300
>
Thanks, Peter. Apparently, they've changed bundles twice in 2 days:
http://insecure.org/news/download-com-fiasco.html#updates
Also, over on NANOG, it's become apparent that they offer different
things depending on the browser and OS.
As mentioned here and elsewhere, perhaps Google or stopbadware.org or
whatever could scan the whole site, and issue the Warning: Visiting
this site may harm your computer!
It's not an easy job to scan, because of the varying downloads.
More information about the nsp-security
mailing list