November 10th, 2008

CNET Download.com not so 'spyware-free'

Posted by Ryan Naraine @ 8:30 am

Categories: Anti Virus, Browsers, Malware, Privacy, Research, Responsible disclosure, Spam and Phishing, Spyware and Adware, Viruses and Worms

Tags: Adware, Kaspersky Lab, Malware, CNET Download.com, Spyware, Adware & Malware, Spyware, Cyberthreats, Viruses And Worms, Security, Ryan Naraine

On its home page, CNET’s Download.com promises that all software available on the site “has been tested to ensure it’s 100% free of spyware, viruses, and other malware.”     Unfortunately, there appears to be a kink in the system that allows the display of a known adware program called AntiVirus Defender.

According to malware researchers at Kaspersky Lab (disclosure: my employer), the adware program is appearing as a recommendation in Download.com’s Anti Virus Software tab (see screenshot below):

Kaspersky Lab discovered the issue while downloading a piece of software and being redirected to the Downloads.com recommendations page.  We’re not sure if this is something that slipped through the cracks at Downloads.com or whether the site was compromised. CNET has been notified.

The moral of this:

You’re security conscious and you want to protect your computer. You’re looking for useful utilities. Download.com assures users that all programs available via the website have been analysed, and don’t contain any malicious code. So maybe you relax your vigilance. But with both businesses and bad guys making use of sponsored links on sites like download.com and Google, you’ve got to stay very alert indeed to make sure that you don’t get caught out. 

* Image source: Viruslist.com analyst’s diary.