[Gimp-developer] Yay, mainstream! - and trojaned GIMP installers
- From: Michael Schumacher <schumaml gmx de>
- To: "gimp-developer-list gnome org" <gimp-developer-list gnome org>, gimp-user-list gnome org
- Subject: [Gimp-developer] Yay, mainstream! - and trojaned GIMP installers
- Date: Fri, 10 Aug 2012 00:38:16 +0200
Hi,
recently, we're seeing more and more sign of GIMP becoming mainstream -
the availability of several GIMP installers for the Microsoft Windows
platforms loaded with trojans is certainly an indication for that.
The most common trojan seems to be InstallIQ. A piece of software that
grants the providers of the actual installers plausible deniability
because the installers itself is clean, and because the user has to
agree to install additional "utilities" during setup.
Case 1:
Step 1: the victim is sent a scam mail pointing to a file at
photo-host.net/ (which disguses as a image upload site).
Step 2: the files provided there are .gmp files (huh?)
Step 3: for viewing those files, there's a link to gimphost.com, where
the infected installer is located
Case 2:
Another victim or culprit of a related scam seems to be the gimpshop.com
site, which used to host a modifed version of GIMP which resembled the
Photoshop UI. Either its original author has gone to the Dark Side, or
that site has been taken over by a scammer - it is distributing
InstallIQ-infected installers.
Advice:
If you see any GIMP installer sites which have a fine print with phrases
like
"is distributing a modified installer which is different from the
original ones"
or
"InstallIQ"
or
"the installer is compliant with the original software manufacturer's
policies"
then do the following:
STAY AWAY FROM THEM!
--
Regards,
Michael
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
