SourceForge Injecting Malware In To Software Installers

SourceForge Malware

A popular and long-standing software download site, SourceForge, is injecting malware in to its software installers. 

If you go to Google and search for ‘free whatever software’, chances are you’ll stumble upon SourceForge.

For example, if you attempt to download a popular FTP program, FileZilla, you will not be receiving an installer for just FileZilla.  Instead, you’ll find an installer loaded up with adware and malware.

If you’re utilizing ESET Nod32 Antivirus, it detects the installer’s injected payload:

ESET Detecting PUP on SourceForge
ESET Detecting PUP on SourceForge

So it looks like SourceForge has gone the same route as CNET.  I have personally avoided both sites for years and if you’re looking for installers for common programs, Ninite is a legitimate solution.

I am a Software Developer, System Administrator, and consignment software specialist. I currently manage hundreds of consignment workstations, point of sale systems, and database servers all across North America and I am the developer of Peeps' Software, Peeps2Go, and Peeps' Consignor Login for iOS and Android. I've been helping consignment & resale store-owners since 2003. I started The Computer Peeps in February of 2010. Peeps' Software launched in 2016 and is now on hundreds of systems all across North America. I have successfully converted dozens of stores from all of the major consignment software systems. After 20 years of working with consignment stores, I understand the unique challenges consignment & resale store-owners face. From electrical issues in old buildings or strip malls, to advocating for them when their old consignment software keeps crashing.

Leave a Comment

Your email address will not be published. Required fields are marked *


Back To Top