Softonic has been a problem before, as outlined in a previous article, Boycott Softonic. In a nutshell, Softonic was wrapping some software downloaded from their site in an adware installer, which installed the ChatZum adware. Worse, the adware was installed regardless of whether you declined this “optional” software. Although Softonic quickly removed these installers when caught, they obviously did not learn the error of their ways. Adware-riddled installers are back!
Read the rest of this entry »

16 Comments

Just a few hours ago, I wrote about a VLC installer on Softonic that was installing adware. (Adware that was not authorized to be included with VLC, according to a post by Jean-Baptiste Kempf of VLC.) It has just come to my attention that the same thing is happening with UnRarX, and on downloading that software from Softonic, I verified that the installer behaves in the same way. It looks like Softonic is wrapping free software in a custom installer that installs adware, obviously to generate revenue for Softonic. I’m sure that the list of software being abused in this way will continue to grow over the next few days. This is despicable behavior, and I would ask everyone to boycott Softonic until they change their behavior.
Read the rest of this entry »

8 Comments

It was brought to my attention today by an astute reader that there is a copy of VLC, currently being hosted on Softonic, which has had adware added to it. Of course, I had to investigate, and what I found is very concerning. That report turns out to be completely true, and worse, the adware installs components on your system even when you opt out of installing it!
Read the rest of this entry »

44 Comments

You should only download software directly from the site of the developer who created the software. This has been a bit of standard advice given by security people like myself when trying to help people understand what to download and what not to download. It’s good advice, right? Well… mostly, but not entirely, unfortunately.
Read the rest of this entry »

34 Comments

In recent months, several new variants of the Genieo adware have crossed my path. This adware is still pulling many of the same tricks – changing the search engine to Bing, and installing all kinds of junk that runs in the background and modifies browser behavior. However, it’s now using a variety of different names, perhaps in an attempt to make detection more difficult.
Read the rest of this entry »

31 Comments

On Wednesday, ArsTechnica reported that the Windows version of the open-source GIMP image editing app hosted on SourceForge has been “seized” by SourceForge and used for distributing adware. This is a troubling development, but not exactly surprising for those who have been following the antics of SourceForge lately. Is it time to boycott SourceForge, as is already recommended for sites like Download.com and Softonic?
Read the rest of this entry »

17 Comments

InstallCore is adware that began with a couple simple browser extensions. (One of these took the same name as a Spigot extension, “Searchme”, leaving questions about whether InstallCore might be related to Spigot in some way or whether this is purely coincidence.) Recently, however, new variants of InstallCore have been appearing like poop on a lawn full of geese. And some of the strategies it’s using stink just as badly!
Read the rest of this entry »

34 Comments

My Mac Malware Guide has, for some time, made the claim that a properly up-to-date Mac OS X system cannot be infected by any known malware. This was true at one point, with some provisos, when that text was originally written. However, recent cases of malware that has failed to be blocked by the XProtect anti-malware system in Mac OS X prompted me to do a re-evaluation of this statement. What I found was profoundly disappointing, leaving me wishing that I could take those words back.
Read the rest of this entry »

9 Comments

InstallMac is adware that I have written about before, as it is currently being added to some downloads available on Softonic. (Without the permission of the developers of the apps in question, I should note.) This adware, as well as the Genieo adware that powers it, has been known for some time to have a non-functional uninstaller. Although the uninstaller does appear to remove the software, it leaves behind some of the hidden components. It turns out, though, that the uninstaller’s behavior is worse than previously known!
Read the rest of this entry »

27 Comments