It was bad enough that FileZilla offers SourceForge installers loaded with garbage software that could easily be viewed as malicious software. Junkware such as "Hotspot Shield" are still bundled with some installers offered by Filezilla.
Now, avast has discovered that malicious versions of FileZilla 3.7.3 and 3.5.3 are being spread. "We have noticed an increased presence of these malware versions of famous open source FTP clients", the firm announces.
The fake software is idential except for one point. Any attempt to update the software through the build in update checker will fail. This is most likely to prevent the malware from being overwritten.
Avast uncovered a hidden "stealer" inside of the code, saying, "The algorithm is part of a malformed FileZilla.exe binary, therefore sending stolen log in details which bypasses the firewall. The whole operation is very quick and quiet. Log in details are sent to attackers from the ongoing FTP connection only once. Malware doesn’t search bookmarks or send any other files or saved connections."
The websites distributing these fake copies of FileZilla seem to all be registered in Russia, using a registrar that hides the client information.
FileZilla has placed a warning on its own website, stating "We do not condone these actions and are taking measures to get the known offenders removed. Note that we cannot in general prevent tainted versions on third-party websites or proof their authenticity, especially since the FileZilla Project promotes beneficial redistribution and modifications of FileZilla in the spirit of free open source software and the GNU General Public License."
On a personal note, if they do not condone these actions; then why are they working with SourceForge and bundling software like Hotspot Shield and other unwanted programs? Previously we posted an article by the Gluster Community about this very subject. Perhaps this occurance will help the FileZilla team to improve their own standards.
Google has identified a nasty bug in Gmail that may have led to the accidental deletion of some messages in your inbox, as well as incorrectly labeling others as spam.
The severity of the bug has caused the search giant to issue an Important Notice which appears at the top of Gmail when some users -- myself included -- log into the webmail service through the web or iOS app. Although the problem has now been fixed, Google suggests you take a look in your Trash and Spam folders. I’ve just done so now, and there are indeed messages in both that shouldn’t be there.
Microsoft had little choice but to relabel its SkyDrive cloud service after losing a trademark dispute with BSkyB, and it's now ready to make that name switch. The newly rebadged OneDrive is functionally identical for existing SkyDrive users, who can go about business as usual. However, there are also promises that this is more than just a cosmetic change. The curious can register at a preview page to be notified when OneDrive launches with "more" than what they've known with SkyDrive. Microsoft isn't saying exactly what users can expect, but it won't hurt to sign up.
There is something to be said for the cloud and web-based services. However, when you rely on these things, sometimes it goes a bit wrong. That's not as bad as it sounds. It can go very wrong with your home computer and network as well. Today, Google is experiencing one of those "glitches".
As of this writing, the Gmail service seems to be restored for all users, and I've inquired with writer friends around the US and the world to verify that. However, there is a rather bizarre side-effect, but it's only affecting one poor user. Sadly, that person is getting the bulk of the email being sent since the outage relented.
It seems that when you search Gmail in Google, which a large number of average users do, and click the top result, it opens a compose dialogue box and pre-fills the recipient with "firstname.lastname@example.org". Hence, this is resulting in the person on the receiving end being inundated with email. (We recommend to avoid testing it, for the obvious reasons.)
Google Chrome extensions are designed to improve or modify functionality that the web browser offers. Some extensions in the official Chrome Web Store have millions of users who all rely on the functionality their add-ons provides them with.
While not as powerful as Firefox add-ons, Chrome extensions are easily powerful enough to manipulate websites that you visit, or communicate with a remote server. News about extension abuse reached the mainstream press recently.
It all started when Amit Agarwal confessed that he sold a Chrome extension he created to a company that approached him via email.
The company modified the extension and released the update to all existing users of it.
Users who received the update noticed that the extension started to inject ads on web pages, which was then reflected on the user reviews page on the Chrome Web Store.
Internet Explorer is no longer just the browser you use to download other browsers (even though, for many people, that will always remain the case). These days it’s a decent, fast and standards compliant offering that you don’t have to be embarrassed to admit to using.
Microsoft’s clever, self-deprecating Browser You Loved to Hate campaign did a great job of challenging people’s views and getting them to take a second look at Internet Explorer, and today the software giant launches a new initiative and website, called Rethink, which aims to showcase how Internet Explorer is helping to "create a web that is fast, beautiful and perfect for touch" while also, Microsoft hopes, getting people to rethink their views on the much maligned browser.