Daily cyber threats and internet security news: network security, online safety and latest security alerts
December 6th, 2011

Software Offered By CNET Bundled With Trojans, Spread Through

One of the developers of a network exploration and security auditing tool called Nmap is accusing CNET of bundling free software with Trojans and shady toolbars, and serving them on their website.

Gordon Lyon, also known as Fyodor claims he discovered that Nmap and other free applications such as VLC are downloaded with pieces of malware attached and according to the Virus Total submission, 10 out of 39 vendors detect the Nmap installer as containing a Trojan.

“They even provide the correct file size for our official installer. But users actually get a Cnet-created trojan installer. That program does the dirty work before downloading and executing Nmap’s real installer,” Fyodor said.

He’s also upset with the fact that CNET utilizes their Nmap trademark as if they were involved in the fact that the tool is not actually clean.

“In addition to the deception and trademark violation, and potential violation of the Computer Fraud and Abuse Act, this clearly violates Nmap’s copyright,” he adds.

He states that in many cases users will not look at what they’re downloading or installing and they’ll just end up with a changed homepage, an extra toolbar and maybe even a malicious element.

His biggest fear is that Nmap users will believe that all these extras actually come from the developers, thus ruining their reputation.

“We’ve long known that malicious parties might try to distribute a trojan Nmap installer, but we never thought it would be C|Net’s, which is owned by CBS! And we never thought Microsoft would be sponsoring this activity!”

CNET offered them the opportunity to opt out of the Installer, but Fyodor says he’s not going to stop here. He is now in search of a copyright attorney as he’s sure his rights have been violated.

At the time of writing, the Nmap installer on seems to be clean so maybe the company already acted on the warnings received from the devs.

Credit: News

Share this item with others:

More on CyberInsecure:
  • Malicious Javascript Code In Another CNET Networks Website
  • Trojan Claims To Offer Nude Female Celebrities Pictures
  • Energizer Duo Software Included Backdoor Trojan
  • Diebold ATM Software Targeted By Card-sniffing Trojans
  • CNET Sites Under IFRAME Attack

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Software Offered By CNET Bundled With Trojans, Spread Through

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.