One of those two sites is distributing adware. Which of them?

File Converter (FOSS) by Adrien Allard was hosted on file-converter[.]org since a decade. Then someone a few weeks ago snatched that domain and it’s now distributing adware. Almost identical design for the page, 100% designed to deceive users to download a different product, as it’s called Zamzar.

  • @jet@hackertalks.com
    link
    fedilink
    English
    656 months ago

    The benefit of using a package manager like Winget, brew, apt, snap, fdroid is that these attacks are less likely especially with doubly signed reproducible builds like fdroid

    • @Moonrise2473@feddit.itOP
      link
      fedilink
      English
      436 months ago

      i downloaded an old version from 2017 to see what happens when checking updates on the domain that’s now distributing the scam. Luckily they’re replying with a 404 and not with “install this new update, it’s 100% safe”

      • laura
        link
        fedilink
        English
        96 months ago

        you’d hope that the updater will at least check if the file is signed by the correct entity

    • XNX
      link
      fedilink
      English
      26 months ago

      Couldn’t he have sold control of the repo attached to the package managers and this still would happen?