alt Hacker NewsHackers breach JDownloader website to serve malware-laced downloads
Comments
> As there has been a question about updates. Those are not compromised, different infra, protected by end-2-end digital signature.
Phew!
From: https://old.reddit.com/r/jdownloader/comments/1t6goqe/is_the...
What's new? Hasn't JDownloader already served malware with the default installer for years, you had to use specific adware-free installers to avoid it?
I’ve never run into a program that manages to disregard as many UX best practices as Jdownloader. It has more maddening features than I can count. Even stuff like sorting a column by date doesn’t work how you would want it to, because it applies some “package grouping”. It’s the epitome of nonsensical defaults, features that maybe 1% of the user base would want and care about but toggled on by default.
u/rubi2333 uploaded the malicious files to virustotal.com
JDownloader2Setup_windows-amd64_v1_8_0_482.exe: https://www.virustotal.com/gui/file/5a6636ce490789d7f26aaa86...
JDownloader2Setup_windows-amd64_v11_0_30.exe: https://www.virustotal.com/gui/file/fb1e3fe4d18927ff82cffb3f...
JDownloader2Setup_windows-amd64_v17_0_18.exe: https://www.virustotal.com/gui/file/04cb9f0bca6e0e4ed30bc927...
JDownloader2Setup_windows-amd64_v21_0_10.exe: https://www.virustotal.com/gui/file/32891c0080442bf0a0c5658a...
JDownloader2Setup_windows-x86_v1_8_0_472.exe: https://www.virustotal.com/gui/file/4ff7eec9e69b6008b77de1b6...
JDownloader2Setup_windows-x86_v11_0_29.exe: https://www.virustotal.com/gui/file/de8b2bdfc61d63585329b8cf...
JDownloader2Setup_windows-x86_v17_0_17.exe: https://www.virustotal.com/gui/file/e4a20f746b7dd19b8d9601b8...
JDownloader2Setup_unix_nojre.sh: https://www.virustotal.com/gui/file/6d975c05ef7a164707fa3592...
I wish there was finally a decent alternative to this junk. JDownloader pretends to be GPL, but parts of it are closed source. Plus, the Windows installer on the official site is a gamble, and you can only find a clean installer in the forum. The developers claim it’s "just adware", but since it’s a web-based installer, different things are offered depending on your IP address. Some of these install themselves even if you decline them, and some also contain real malware. It was actually to be expected that they wouldn't secure their website properly and that someone else would end up spreading malware as a result. The only reason to still use this software is that it works with every obscure filehoster out there. Alternatives like pyload are much less effective at bypassing all the security measures these sites put in place to block download managers. It also lets you download videos from streaming sites that other tools like yt-dlp refuse to support.