Download.com and Other Sites Bundling Superfish-Style Adware: Report

Advertisement
By Hitesh Arora | Updated: 25 February 2015 16:59 IST
Download.com and Other Sites Bundling Superfish-Style Adware: Report
Despite new security features being added on an almost daily basis, we are certainly not moving towards a more secure Internet - at least, this is what can be derived from recent findings.

After Lenovo was found to be installing the malicious adware Superfish in consumer machines, another report on Monday came out suggesting that it is not the only one doing it. It reported two names of the security firms that have added similar man-in-the-middle code in their software platforms. While one software is being said to be using vulnerable SSL-interception technology sold by Komodia, similar to what Superfish employed, the other using different technology achieves the same effect of bypassing SSL and HTTPS protection.

All this seems to have created panic in consumers, and researchers are taking concerns seriously. According to a new report by How to Geek on Monday, several freeware and software sites (including CNET's Download.com) are bundling HTTPS-breaking-adware nowadays.

The report notes that the adware like Wajam, Geniusbox, Content Explorer, and many others are following the same trend as seen with Superfish in Lenovo. These companies are installing their own certificates and forcing all your browsing (including HTTPS encrypted browsing sessions) to go through their proxy server. Not just that, the report claims that your machine can just get infected "by installing two [KMPlayer and YTD] of the top 10 apps on CNET Downloads." The two apps reportedly feature two different types of "HTTPS-hijacking adware".

Once the adware is installed and is proxying all the traffic, users start to see ads all over even on the secure sites, like on Google, "replacing the actual Google ads, or they show up as popups all over the place, taking over every site."

Advertisement

These adware essentially install their fake root certificates into the Windows Certificates store and then use proxies to connect to secure sites with the fake certificates, explains report.

While it is not exactly clear whether the Download.com team or the app developers are bundling the adware, the distribution sites are obligated to ensure the content they host is safe.

Advertisement

So in short, the HTTPS websites are also not secure if any adware is installed on your machine knowingly or unknowingly.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement

Related Stories

Popular Mobile Brands
  1. Poco F7 5G to Launch in India and Global Markets on This Date
  2. OnePlus Nord 5 and Nord CE 5 Colour Options, Key Features Leaked
  3. Trump Mobile T1 Phone With 5,000mAh Battery Announced; See Price, Features
  4. Samsung Galaxy S25 Ultra Price in India Discounted for a Limited Time
  5. Oppo Reno 14 5G Series, Watch X2 Mini, Enco Buds 3, Pad SE to Launch Globally
  6. Tecno Pova 7 5G Series Confirmed to Launch in India Soon
  7. OnePlus 15 May Get a Big Design Overhaul
  8. Samsung Galaxy Watch 8 Series Design Revealed in New Leaked Renders
  1. Google Unveils India-Focused Safety Charter, Shares How It Is Using AI to Combat Online Frauds and Scams
  2. Realme Buds Wireless 5 Lite India Launch Date Set for June 23; Availability Details, Key Features Revealed
  3. Prince of Persia: Sands of Time Remake Remains "Deep" in Development, Says Ubisoft
  4. Trump Mobile T1 Smartphone With 6.8-Inch Display, 5,000mAh Battery Announced; Price, Specifications
  5. Samsung Galaxy S25 Ultra Price in India Discounted for a Limited Time: Check Offers, Availability
  6. Poco F7 5G India Launch Date Set for June 24; to Debut in Global Markets On the Same Day
  7. Meta AI App Now Shows a Warning Message to Dissuade Users from Publicly Sharing Private Chats
  8. OnePlus Pad Lite, OnePlus Watch 3 43mm to Launch on July 8 Alongside Nord 5 Series
  9. Samsung Galaxy Watch to Get Bedtime Guidance, Vascular Load Features With One UI 8 Watch Update
  10. OnePlus Nord 5 and Nord CE 5 Colour Options, Key Specifications Leaked
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.