Home » Blog » Cybersecurity » Cybersecurity » Warning: Download.com (CNET Downloads) A cesspool for privacy invading malware and rogue software
Download.com Malware

Warning: Download.com (CNET Downloads) A cesspool for privacy invading malware and rogue software

Download.com Malware

I have a lot of experience removing rogue software from download.com that is reported by our visitors and have shared many emails on a variety of subjects with employees of the CNET website (CBS). Having said this, I have been aware for years that malware, mostly in form browser hijackers and rogue software CAN exist on the publicly accessible website (See RegGenie), but it seems more malware is being distributed on download.com today than ever, labeling the website a cesspool for privacy invading malware.

This past year (2012), more amounts of visitors are leaving comments and sending messages about software they have downloaded from download.com (download.cnet.com) containing privacy invading malware without their consent, categorized as adware, browser hijackers, and more such as Funmoods (see comments).

One reader claims that they downloaded the legitimate Anti-malware software Malwarebytes from download.com, and months later they became infected with a browser hijacker. This reader states “The only download I’ve done in the last probably three months was downloading Malwarebytes from download.com. I had no problems before that, then suddenly had this Funmoods stuff and couldn’t figure out where it came from.”

Another reader says “I was installing an extension renamer called… EXTENSION RENAMER and this **** was packaged in with it AND DID NOT ASK or NOTIFY that it was being installed.”

Conclusion

After reaching out to CNET Downloads about these issues, and as mentioned before having numerous discussions with CNET employees concerning the removal of malicious downloads, it can only be concluded that Download.com is not safe to download software from. Even legitimate software downloads including Malwarebytes are compromised.

If you need to download software, avoid CNET download’s website download.cnet.com. It is highly recommended to analyze reviews about software you wish to download and download software from the manufacturer’s secure website or source. 

February 2013 Update

It’s now verified that CNET bundles malware with their downloads in order to monetize free products and services. To add more, CNET has been sued by numerous software manufacturers for bundling malware with installments of their distributed software, even without notifying the developers. This often causes victims of CNET malware to report the legitimate software they downloaded from the distributor as unethical.

Lead Editor

Sean is a tech author and engineer with over 20 years of experience in cybersecurity, privacy, malware, Google Analytics, online marketing, and other topics. He is featured in several publications.

More Reading

Post navigation

26 Comments

  • Just tried downloading a mp3 encoder, which did not install properly, unlike he 8 (!) other programs including a hijacker. Hope they get their asses sued back to the stoneage. Fucking assholes.

  • i’ve just been cneted … never downloading from them again .

    it didn’t ask to install anything , just did … 5 different things ..

  • I just downloaded “shouldiremoveit” from cnet, and it came with 3 toolbars, and a bunch of other things. I canceled the installation, and decided to do more research about cnet and stumbled on your take. I am shocked, cnet used to be very reliable!

  • Just now got a simple utility, along with 5 others, which were not listed nor was I prompted for approval.

    Did some serious clean-up afterwards…

  • ok so how do I download a legitimate copy of malwarebytes? I downloaded it through cnet and was given toparcade hits and a bunch of other stuff I do not want on my computer. But when I go to the malwarebytes website and click download now it takes me to a cnet download?

  • Just happened to me. I download YWriter5 and it came with some shitty malware programs which I’M TRYING TO GET OFF, but to no avail..

    Thanks a fucking lot, CNET. You’ve completely lost my trust, you fucking assholes.

  • Just got burned by CNET. I’ve been using CNET downloads for YEARS. The bastards put “Coupons By Quickshare”, “TopArcadeHits”, and who knows what else on my PC. Thanks for the article, it was very enlightening.

  • Interesting article. Although I find it funny to read it and to see an ad for Cnet, on the right side panel of the page 🙂

    • That is not ad for CNET. That is an advertisement for Malwarebytes that links to the Malwarebytes website that happens to contain text suggesting that the software was a top download on the website. 🙂

  • Today I downloaded a Zip File Recovery program from download.com
    4 hours later ads started appearing where the comments should on my friends facebook photos. Baffled, I hovered over the link and found out it was Coupon Companion and it had been installed WITHOUT my knowledge when I got the zip recovery software. I pay close attention to installers because I can’t stand bloatware and what not, and there was not even a mention of this let alone a check box.

    Used download.com since the late 90’s. NEVER again. Giving us tricky options is one thing, but installing ad/malware without ANY indication is another

  • I can confirm this. I downloaded from CNET a legitimate proxy server trial program (Mask Surf) and immediately discovered I was infected with Text-Enhance Adware. It was easily removed using instructions on this site, but the point is CNET posted a line to the effect that this download has been checked by our staff and is certified virus-free. The same download from the software issuer’s actual site generated zero problems. So, YES, this is important–shop for great software at CNET…THEN go to the source to download and NEVER download anything from CNET.

  • Well said Sean, I heard they are being sued for including “privacy invading malware” in the software of a few companies without their consent. I think one is called ntmap, or something rather.

  • This definitely needs to be quoted again here: “… it can only be concluded that Download.com is not safe to download software from. Even legitimate software downloads like Malwarebytes are compromised…” YES folks read this again, keep it uppermost in your mind, and whatever you do, DO NOT GO TO CNET TO DOWNLOAD ANYTHING !! I speak form experience, spending the last two weeks cleaning out malware, and ultimately re-installing the OS on a just-purchased Dell XPS 8500. I’m not sure what kind of pea-brain at CNET thinks this is an acceptable or justifiable way to run a business. Basically CNET is now in the malware business — there is no question about it. I personally will try to find as many ways to publicize this as I can, and I urge anyone reading this to do precisely the same thing.

  • Wish I had seen this earlier. Just had to remove Snap Do browser hijacker and Price gong malware from my computer after installing a program from there (The official site has their downloads through download.com for some reason). Last time I downloaded something from the site I ended up with major malware and trojan problems as well. (Gave Cnet the benefit of the doubt as a one off mistake but that was obviously mistaken and I wont use them again- it’s like russian roulette for your computer).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

New security threat puts all Internet Explorer users at risk

Paypal, Symantec, And Others Hacked By Anonymous, Is Facebook Next?

Avira partners with Yet Another Cleaner, can no longer be trusted