Announcement

Collapse
No announcement yet.

CNet's Evil Crapware Babylon toolbar Bundling

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • CNet's Evil Crapware Babylon toolbar Bundling

    In the continuing long decline of the download.com web site, it seems they have decided to start bundling malware with their downloads.

    As described by Fyodor over at seclists.org.

    "I've just discovered that C|Net's Download.Com site has
    started wrapping their Nmap downloads (as well as other free software
    like VLC) in a trojan installer which does things like installing a
    sketchy "StartNow" toolbar, changing the user's default search engine
    to Microsoft Bing, and changing their home page to Microsoft's MSN.

    The way it works is that C|Net's download page (screenshot attached)
    offers what they claim to be Nmap's Windows installer. They even
    provide the correct file size for our official installer. But users
    actually get a Cnet-created trojan installer. That program does the
    dirty work before downloading and executing Nmap's real installer."
    As well as doing it to a number of free open source products they have done it with our OSForensics package as well. In our case they are distributing a file called cnet2_osf_exe.exe with our software. This contains the "Babylon toolbar". See screen shot below.

    A number of the Anti-virus packages are already flagging the bundled software as a Trojan.
    http://www.virustotal.com/file-scan/report.html?id=5bd70802c051fd95d0d78ac168385cd5047 05c00526ded2fd5edebdcc32d48f6-1323139801

    Needless to say, it is pretty evil for CNet to do this without informing us.

    Other developers have stated that if you pay CNET for advertising then CNet doesn't bundle their crapware. Which make it more like blackmail. If we get an additional details, we'll add to this post.

    So for the moment we strongly suggest you don't use download.com. Go direct to the developer's sites for your downloads.

    More details here,
    http://seclists.org/nmap-hackers/2011/5
    http://www.extremetech.com/computing/93504-download-com-wraps-downloads-in-bloatware-lies-about-motivations


    Screen shot of CNET crapware

  • #2
    Seems there is a note buried on the CNet site about it.
    http://cnet-upload.custhelp.com/app/...tail/a_id/2064

    They claim to be doing it for "more security and utility as well as better consumer protections."

    Which means they are not just evil. But evil liars.

    Everyone in the business knows they are doing it for the money. It is called pay per install, PPI. We get approached several times a year will offers to bundle our software with various crapware, but turn them all down. The one hassling us at the moment is installmonetizercorp. But now CNet has done it without telling us.

    You get between $0.02 and $1.00 per install of the crapware, depending on the crapware provider and the location of the person doing the install. For example an install in Mexico is worth just $0.04, an install in the UK is worth $0.40 and for the USA an install can be worth up to $1.00.

    Which means the money can be hard to resist. (We do around 20,000 downloads a day from our website for example).

    Even stranger is that Microsoft have (had?) an alliance with CNet to supply data for the Window's market place.
    http://www.cnet.com/html/aboutcnet/p...04/071204.html
    Our understanding is that Microsoft paid CNet for this. And now CNet are helping to mess up the Windows user experience. In the long term it will only drive more people to Apple and their walled garden.

    Comment

    Working...
    X