Download.com serving up malware

Download.com a.k.a. C|Net download.com is no longer a safe location to download programs, because it now wraps the software in a Trojan Installer, detected as malware by major Anti-Virus programs.

This story was first reported back in August on the ExtremeTech site, when VLC was "trojanised" by Download.com. See "Download.com wraps downloads in bloatware, lies about motivations"

Now it has re-emerged, because another well-known program used by Computer Security testers (nmap) has also been "trojanised" by Download.com:

I've just discovered that C|Net's Download.Com site has started wrapping their Nmap downloads (as well as other free software like VLC) in a trojan installer which does things like installing a sketchy "StartNow" toolbar, changing the user's default search engine to Microsoft Bing, and changing their home page to Microsoft's MSN.

The installer is actually detected as malware:

In fact, if we UPX-unpack the Trojan CNet executable and send it to VirusTotal.com, it is detected as malware by Panda, McAfee, F-Secure, etc: VirusTotal

That bit.ly link will redirect you to virustotal.com for the test results.

Looks like download.com is no longer a safe place to go, for any downloads.