Thursday, 4 June 2015

SourceForge Account Hijacks Popular Networking Tool Nmap

In recent days Sourceforge download site came into the news because some abandoned software project that took over were offered through the website and then foresaw the installation of adware. Because of all the commotion SourceForge decided to stop this practice, claiming that it no longer would bundle adware with these abandoned projects. Additionally, it would join only occur with active projects whose developers had given permission.

That pledge has already been violated, says Nmap developer Gordon Lyon. Nmap is a very popular tool for scanning networks. The Nmap Development mailing list Lyon late today that SourceForge his account on the download has been hijacked. The old Nmap page is now empty and all content has been transferred to another page where only SourceForge has the control.

"For now they only offer the official Nmap-files (as long as you do not click on the fake download buttons) and we have not yet caught trojaniseren of Nmap as they did with GIMP. But we trust them for no meter," says Lyon. He points to an earlier incident with in 2011 was caught when the malware bundled with the installer Nmap. The developer will ask nmap to remove the hijacked Nmap-page. "But more importantly, we want to reiterate that you should download Nmap only of our official Nmap SSL site."

No comments:

Post a Comment