nanog mailing list archives

Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmapwith malware!]

From: Steven Bellovin <smb () cs columbia edu>
Date: Tue, 6 Dec 2011 13:09:57 -0500


On Dec 6, 2011, at 12:34 31PM, William Allen Simpson wrote:

On 12/6/11 12:00 PM, Eric Tykwinski wrote:

Maybe it's just me, but I would think that simply getting them listed on
stopbadware.org and other similar sites would probably have much more of an
effect.
The bad publicity can cause them to change tactics, but it takes some time.
I've seen much quicker results from blacklisting on Google and other search
engines.

I've reported it as a malware site via Firefox.  Have you?

But the whole site should be scanned for other/similar malware, and blocked
accordingly.  Probably a harder problem, as it gives different downloads
depending on browser and OS.

Per the Krebs on Security link that Kyle just posted (and beat me to it),
the installer is already flagged as malware by a number of different scanners.


                --Steve Bellovin, https://www.cs.columbia.edu/~smb

Current thread:

[fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] bmanning (Dec 05)
- Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Steven Bellovin (Dec 05)
- Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Jay Ashworth (Dec 05)
- Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] andrew.wallace (Dec 05)
  - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Valdis . Kletnieks (Dec 06)
    - RE: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Kain, Rebecca (.) (Dec 06)
    - RE: [fyodor () insecure org: C|Net Download.Com is now bundling Nmapwith malware!] Eric Tykwinski (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmapwith malware!] Kyle Duren (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmapwith malware!] William Allen Simpson (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmapwith malware!] Steven Bellovin (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] andrew.wallace (Dec 06)
    - RE: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Nathan Eisenberg (Dec 06)
    - RE: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Kain, Rebecca (.) (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Owen DeLong (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Ray Soucy (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Valdis . Kletnieks (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Dan Collins (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Edward Dore (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Valdis . Kletnieks (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Malte von dem Hagen (Dec 06)

(Thread continues...)