Even though I stopped the installation of Filezilla before it had barely begun, the malware had already hijacked Chrome and established itself as the default search engine. Today () I fired up Filezilla and it provided notice of an update, like it has done for what seems like since day one however, today there was the malware Vosteran, a browser hijacker present during installation of Filezilla. I’m guessing SoapUI has a different arrangement with Sourceforge than does FileZilla, though I suspect whatever gains FileZilla thinks they may be getting, are going to be destroyed by the distrust they are building up amongst its end users.įirst off, thank you for the article and for allowing others to post news of this very sad turn of affairs. That is also hosted on Sourceforge, but the download links do exactly what they say they do – no spyware, just the 140Mbyte (!) application. Update: today I also needed to download an update to SoapUI, the excellent SOAP testing and development tool. Good luck, and stay away from Sourceforge – they are looking more dangerous by the day. The one you want is probably down near the bottom of that long list, as the latest is at the bottom and not at the top as you would hope. If you want FileZilla, here are the downloads direct from the project: Given how they are misleading users, I don’t trust them, and neither should you. They try their best to trick you into installing something that has full access privileges to your entire machine, and then sell that on to their “partners”, who could be just about anyone. This shit is misleading and should be considered dangerous. The URL shows me the link to the file I want, but clicking on it redirects my browser to the spyware download again. ![]() Then I tried the “Browse all files” link (which used to be called “other download options”) and went to the direct download page, where I can choose a specific version of FileZilla and download that. What the spyware does, is anyone’s guess, but it asks for permission to change Windows settings, which makes me suspicious. What Sourceforge wants to do, is push a piece of Spyware at you. ![]() Went to Sourceforge to download a copy of FileZilla, the Open Source FTP client. The thing to remember, is to look at the size of the download before you run it. How long that link will remain, is unclear. This link gives you the index page for all the downloads, but it automatically adds the nowrap parameter: So, just add “?nowrap” to get the file you really wanted. Now what you get is the compiled installer for the project, in this case an executable 6MB in size. Quickly go to the URL and add “?nowrap” onto the end. That URL will give you the Sourceforge downloader application for the project, sized about 700kB. When you get to the Filezilla download page, it will be a URL like this: I have just had this tip passed on to me (thanks Mike:), and it is brilliant. The list of files is still there, but every link now redirects to the Sourceforge malware-ridden downloader. ![]() It seems that direct access to the compiled application is no longer available.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |