Home page logo
/

nanog logo nanog mailing list archives

Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmapwith malware!]
From: Steven Bellovin <smb () cs columbia edu>
Date: Tue, 6 Dec 2011 13:09:57 -0500


On Dec 6, 2011, at 12:34 31PM, William Allen Simpson wrote:

On 12/6/11 12:00 PM, Eric Tykwinski wrote:
Maybe it's just me, but I would think that simply getting them listed on
stopbadware.org and other similar sites would probably have much more of an
effect.
The bad publicity can cause them to change tactics, but it takes some time.
I've seen much quicker results from blacklisting on Google and other search
engines.

I've reported it as a malware site via Firefox.  Have you?

But the whole site should be scanned for other/similar malware, and blocked
accordingly.  Probably a harder problem, as it gives different downloads
depending on browser and OS.


Per the Krebs on Security link that Kyle just posted (and beat me to it),
the installer is already flagged as malware by a number of different scanners.


                --Steve Bellovin, https://www.cs.columbia.edu/~smb







  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault