"Hi Folks. I've just discovered that C|Net's Download.Com site has started wrapping their Nmap downloads (as well as other free software like VLC) in a trojan installer which does things like installing a sketchy "StartNow" toolbar, changing the user's default search engine to Microsoft Bing, and changing their home page to Microsoft's MSN," wrote Nmap developer "Fyodor" in a email sent on the project's mailing list, warning the subscribers to be careful when downloading software from the site.


He says that C|Net offers its own trojan installer - which is, by the way, detected as malware by 10 of the 39 AV solutions used by VirusTotal - to pull the Nmap downloads but it doesn't say so explicitly, so users end up thinking that the Nmap Project is to blame for the unwelcome onslaught.

He claims that by using their proprietary installer, C|Net violates the software's copyright. "Our license specifically adds a clause forbidding software which "integrates/includes/aggregates Nmap into a proprietary executable installer" unless that software itself conforms to various GPL requirements (this proprietary C|Net download.com software and the toolbar don't)," he ads, and points out that it also use their registered "Nmap" trademark to legitimize the malware-bundled download.

It seems that this is not the first time that something like this happened, but he says he is nevertheless very surprised that CBS - the company that owns C|Net's Download.Com - would allow such practices, and that Microsoft would be sponsoring the "trojanizing" of open source software.

In conclusion, he expressed his intention of "going after" C|Net to get them to stop doing such things.