And what to think of this: http://www.viruslist.com/en/weblog?weblogid=208187489
Hackers managed to hack a very popular download manager and changed the updates of the genuine program with a trojan. For ten days FlashGet functioned as a trojan downloader infecting millions and millions of users during the process. (6 million downloads per season is normal for this proggie) .
The attackers got access to the FlashGet servers and put the malware out there, the software on the user side took these to be a genuine FlashGet update and started to download automatically and install the malware without further notice. The problem is created because of the way the program behaves, through adapting the ini.file automatically a mentioned file will download and install, without any interaction. Here the malcreants found a golden opportunity as well. So scan your downloads before clicking that download link: http://www.freedrweb.com/browser/ with DrWeb’s free linkchecker,
Wow a close call, I have FlashGot, only one character out ;D
Seriously though, for many with flashget it won’t have been a problem as they probably don’t update their software very often as is often seen in the forums.
Well I posted an empty link there, this give the full story: http://bbs.flashget.com/en/viewtopic.php?f=15&t=9763
Final conclusion, do not take any download for granted, not a single one, it could be hacked, replaced, injected…
Thanks, Damian it is a sorry state of affairs, it was posted on their forums on march 2nd and here we are march 15th and no official response in the topic, much less a fix. Not a good advert for the product for those unfortunate enough to use it (not me).
What may have been “clever” about this is three versions at least where detected. inapp4.exe, inapp5.exe & inapp6.exe I think some people where lulled into thinking the problem was fixed with an update.