ESET Experts Detected 3 Programs with Bitcoin Miner at Download.com
March 20, 2018
Analysts of antivirus company ESET found three malicious apps at one of the world’s most visited websites Download.com.
The investigation came as a result of message posted by the Reddit user Crawsh who would claim, he got an invalid address notification once he tried to copy-paste a Monero-wallet address. The problem turned out to be caused by a malware he got at Download.com: it found the wallet address in the clipboard and substituted it with the one owned by the scammer.
Crawsh was lucky enough as the virus would hijack Bitcoin addresses only and saw no difference in other currency addresses. But reportedly the criminals managed to steal about 9 BTC already.
Going into detail of the case the ESET experts found out, there were three apps at Download.com that included malicious code: Win32 Disk Imager utility, cross-platform IDE CodeBlocks and GNU-compiler for Windows MinGW-w64.
Soon after the situation came into the public domain, the Download.com administrators deleted all infected programs.