C|Net download.com serving malware with nmap software

Published: 2011-12-06
Last Updated: 2011-12-06 06:40:53 UTC
by Kevin Shortt (Version: 1)
6 comment(s)

Fyodor of insecure.org, the creator of nmap, issued the following statement on the nmap-hackers mailing list today.


nmap is one of the most respected networking tools available.
This is just another example that it is easy to be duped.

Downloaders beware. Stay vigilant.

ISC Handler on Duty

Keywords: nmap
6 comment(s)


CNet has been doing this for a long time. I refuse to download anything from them. Why bother when sourceforge is a billion times faster, anyways?
I would like to see more sites post the hash value of the official package right next to the download button. While not perfect it would definitely influence me not to install a package that didn't compute.
I uninstalled the CNET tracker from my Mac just today... used to hit it every day for updates and new apps, but not now.
That's WHY I only download applications from the source, rather than second party sites.
Too easy to end up having to format and reimage my machine otherwise.
I don't know that I would categorize the Bing! toolbar as malware. It's not like that, and having your default web page changed to Microsoft, are the same thing as being hit with Blackhole, Zbot, etc. Is it annoying, rude, and a flagrant violation of Nmap's terms of use? Absolutely. But malware? Not by any definition I've seen.
- http://www.theregister.co.uk/2011/12/06/cnet_nmap_toolbar_wrapping_row/

- https://www.virustotal.com/file-scan/report.html?id=5bd70802c051fd95d0d78ac168385cd504705c00526ded2fd5edebdcc32d48f6-1323239699
File name: 29d0ca5df3dd63a69630a1bbdbfbcfdad6271702
Submission date: 2011-12-07 06:34:59 (UTC)
Result: 7/43 (16.3%)
