Sourceforge Hijacks the Nmap Sourceforge Account

  • MrGusMuller
    Confirmed User
    • Oct 2010
    • 1262

    #1

    Sourceforge Hijacks the Nmap Sourceforge Account

    Hello all!
    For those who use Sourceforge, be aware!

    Related links:
    Nmap Development: Sourceforge Hijacks the Nmap Sourceforge Account
    Sourceforge has begun hijacking popular accounts like GIMP and NMAP and replaced the author's install files with trojans full of malware. : technology
    SourceForge locked in projects of fleeing users, cashed in on malvertising [Updated] | Ars Technica



    From: Fyodor <fyodor () nmap org>
    Date: Wed, 3 Jun 2015 00:56:23 -0700

    Hi Folks! You may have already read the recent news about Sourceforge.net
    hijacking the GIMP project account to distribute adware/malware.
    Previously GIMP used this Sourceforge account to distribute their Windows
    installer, but they quit after Sourceforge started tricking users with fake
    download buttons which lead to malware rather than GIMP. Then Sourceforge
    took over GIMP's account and began distributing a trojan installer which
    tries to trick users into installing various malware and adware before
    actually installing GIMP. Of course this goes directly against Sourceforge's
    promise less than two years ago:

    "we want to reassure you that we will NEVER bundle offers with any project
    without the developers consent"
    --http://sourceforge.net/blog/advertising-bundling-community-and-criticism/

    So much for that promise! Anyway, the bad news is that Sourceforge has
    also hijacked the Nmap account from me. The old Nmap project page is now
    blank:

    Nmap download | SourceForge.net

    Meanwhile they have moved all the Nmap content to their new page which only
    they control:

    Nmap download | SourceForge.net

    You can see at the top that the owners of the Nmap page are now
    'sf-editor1', and 'sf-editor3'. You can click on those to see other
    projects they have hijacked.

    So far they seem to be providing just the official Nmap files (as long as
    you don't click on the fake download buttons) and we haven't caught them
    trojaning Nmap the way they did with GIMP. But we certainly don't trust
    them one bit! Sourceforge is pulling the same scheme that CNet
    Download.com tried back when they started circling the drain:

    http://insecure.org/news/download-com-fiasco.html

    We will ask Sourceforge to remove the hijacked Nmap page, but more
    importantly we want to reiterate that you should only download Nmap from
    our official SSL Nmap site:

    https://nmap.org/download.html

    If you don't trust SSL by itself (and we don't blame you), you can also
    check the GPG signatures: https://nmap.org/book/install.html#inst-integrity

    Cheers,
    Fyodor

    PS: Ars Technica has a good article about the Sourceforge/GIMP fiasco:
    http://arstechnica.com/?p=673477

    PPS: Sourceforge now claims they will stop trojaning software without the
    developer's permission, but they've broken that exact promise before.

    CORRECTION: I initially had Michael Schumacher listed as CEO of Sourceforge,
    but that was a big mistake! He's actually one of the good guys (from GIMP).
    I apologize for that.

    StagCMS - Adult CMS - user friendly adult content management system - speed up your websites with no SQL connections
    ICQ: 63*23*43*113

  • AdultKing
    Raise Your Weapon
    • Jun 2003
    • 15601

    #2
    It's not the first project.

    Dozens of high profile projects have been hijacked by sf_editor1, sf_editor2, sf_editor3 and now contain binary downloads that bundle malware or spyware into the download.

    Also the site is populated by dodgy download button ads and fake video player download ads targeting Chrome users.

    If that's not bad enough, other DICE properties have been censoring the news about this, for example on /. (Slashdot) which has also fallen into the aggressive money making advertising tactics of this sinking ship.

    Rather than modernise SourceForge, Slashdot and other properties they have joined this race to the bottom, trying to extract as much cash now out of unwary visitors through spam, malware and adware.


    • EddyTheDog
      Just Doing My Own Thing
      • Jan 2011
      • 25433

      #3
      Sourceforge was always a minefield - If I have to download anything from them it's always scanned and scanned again...


      • CPA-Rush
        small trip to underworld
        • Mar 2012
        • 4927

        #4

        automatic exchange - paxum , bitcoin,pm, payza

        . daizzzy signbucks caution will black-hat black-hat your traffic

        ignored forever :zuzana designs


        • MrGusMuller
          Confirmed User
          • Oct 2010
          • 1262

          #5
          heik ... :/
          shitty story