CNET, who hosts Download.com, has enjoyed a reputation for being a safe place to download software from. The program you download may be great or may be useless, but it had been “Tested Spyware Free.” At least that is what Download.com says about their downloads.
Today it has come to my attention that the site is hosting two notorious spyware/adware programs. One of the programs is called “Anti-spyware 2008” and the other is called “Anti-virus Defender 1.01”
According to Download.com these programs have been tested free of spyware, viruses, and other malware. Unfortunately, many security products have a very different opinion. These fake security products will infect your computer, rather than protect your computer.
As always, do some research before deciding on a security product to evaluate. For anti-virus/anti-spyware look for testing at Virus Bulletin (http://www.virusbulletin.com), and/or certification at West Coast Labs (http://www.westcoastlabs.org/) and ICSA Labs (http://www.icsalabs.org/icsa/icsahome.php). For West Coast Labs you’ll want to look at the Checkmark Certification tab. Virus Bulletin does not test anti-spyware, however both the ICSA and West Coast (Checkmark) certify products for spyware detection and removal.
It is not clear at this time if CNET’s Download.com was hacked, or the malicious software found its way there by other means. Certainly a label “Spyware free” should be viewed with a high degree of skepticism. Any one can say it.
Randy Abrams
Director of Technical Education
