One of the developers of a network exploration and security auditing tool called Nmap is accusing CNET of bundling free software with Trojans and shady toolbars, and serving them on their Download.com website.
Gordon Lyon, also known as Fyodor claims he discovered that Nmap and other free applications such as VLC are downloaded with pieces of malware attached and according to the Virus Total
submission, 10 out of 39 vendors detect the Nmap installer as containing a Trojan.
“They even provide the correct file size for our official installer. But users actually get a Cnet-created trojan installer. That program does the dirty work before downloading and executing Nmap's real installer,” Fyodor
said.
He’s also upset with the fact that CNET utilizes their Nmap trademark as if they were involved in the fact that the tool is not actually
clean.
“In addition to the deception and trademark violation, and potential violation of the Computer Fraud and Abuse Act, this clearly violates Nmap's copyright,” he adds.
He states that in many cases users will not look at what they’re downloading or installing and they’ll just end up with a changed homepage, an extra toolbar and maybe even a malicious element.
His biggest fear is that Nmap users will believe that all these extras actually come from the developers, thus ruining their reputation.
“We've long known that malicious parties might try to distribute a trojan Nmap installer, but we never thought it would be C|Net's Download.com, which is owned by CBS! And we never thought Microsoft would be sponsoring this activity!”
CNET offered them the opportunity to opt out of the Download.com Installer, but Fyodor says he’s not going to stop here. He is now in search of a copyright attorney as he’s sure his rights have been violated.
At the time of writing, the Nmap installer on
download.com seems to be
clean so maybe the company already acted on the warnings received from the devs.
Find us on Google+
