"cleans up" Nmap but not other downloads
Posted on 08.12.2011
When he discovered that Nmap was being distributed by C|Net's site bundled up with a proprietary trojan installer that installed a sketchy toolbar, changed the users' default search engine to Microsoft Bing, and changed their home page to Microsoft's MSN, Nmap developer "Fyodor" raised the alarm and began warning users left and right.

It took less than a day for to react and quietly switch their Nmap downloads back to the software's real installer, and for Microsoft to contact him and explain that they weren't aware of the fact that they were sponsoring CNET to trojan open source software. They put the blame on one of their distribution partners, and said that it has suspended operations with C|Net until this issue has been solved.

"But the trojan installer uses your Internet connection to obtain more 'special offers' from C|Net, and they immediately switched to installing a 'Babylon toolbar' and search engine redirect instead. Then C|Net removed that and are now promoting their own 'techtracker' tool," says Fyodor in a new message to the nmap-hackers mailing list, and warns that other packages available for download on the site are still bundled with the installer.'s Adware & Spyware Notice offers contrasting claims and statements regarding the safety of downloading from the site.

On one hand it says that "every time you download software from, you can trust that we've tested it and found it to be adware-free," then they follow up with "despite our vigilance, we can't guarantee that our library is 100% adware-free." So, which is it?

Given that is one of the most popular sites for downloading software, this kind of behavior is alarming.


More than a third of employees would sell company data

35 percent of employees would sell information on company patents, financial records and customer credit card details if the price was right. This illustrates the growing importance for organizations to deploy data loss prevention strategies.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Jul 31st