FYI...
C|Net Download.Com is now bundling Nmap with malware...
- http://seclists.org/nmap-hackers/2011/5
5 Dec 2011 - "... C|Net's Download.Com site has started wrapping their Nmap downloads (as well as other free software like VLC) in a trojan installer which does things like installing a sketchy "StartNow" toolbar, changing the user's default search engine to Microsoft Bing, and changing their home page to Microsoft's MSN. The way it works is that C|Net's download page (screenshot attached) offers what they claim to be Nmap's Windows installer. They even provide the correct file size for our official installer. But users actually get a Cnet-created trojan installer. That program does the dirty work before downloading and executing Nmap's real installer. Of course the problem is that users often just click through installer screens, trusting that download.com gave them the real installer and knowing that the Nmap project wouldn't put malicious code in our installer. Then the next time the user opens their browser, they find that their computer is hosed with crappy toolbars, Bing searches, Microsoft as their home page, and whatever other shenanigans the software performs..."
- https://www.virustotal.com/file-scan...8f6-1323239699
File name: 29d0ca5df3dd63a69630a1bbdbfbcfdad6271702
Submission date: 2011-12-07 06:34:59 (UTC)
Result: 7/43 (16.3%)
- https://isc.sans.edu/diary.html?storyid=12148
Last Updated: 2011-12-06 06:40:53 UTC
Caution: downloads can be hazardous to your PC's health...
- http://h-online.com/-1392501
8 December 2011 - "... much of the proprietary freeware and trial software on Download .com will retain its Download .com Installer packaging. Initial reactions on the net also noted that a number of popular open source programs still had an installer wrapping them and there appears to have been no apology for specifically bundling GPL, or enhanced GPL in the case of Nmap, software with closed source installers."
- http://insecure.org/news/download-co...o.html#updates
Dec 9...
___
- http://www.extremetech.com/computing...ut-motivations
August 22, 2011