Feb 28, 2008

"Fake Shareaza" takes over updates from the real thing

Posted by Erica George Wed, 20 Feb 2008 21:06:00 GMT

Users of the popular filesharing application Shareaza are reporting that a competitor has taken over a former Shareaza website and is using it to overwrite the real Shareaza application with an impostor posing as an update.

How is that possible? According to Sarah Pike at AppScout:

Someone took great advantage of old code in Shareaza, which checks for updates with, among other URLs, www.shareaza.com, which another company has now registered. So when the real Shareaza does its regular thing and checks in for updates, it offers to download the fake Shareaza to replace itself.
For software producers, this is an important wake-up call. If your software automatically checks a website for updates, you’re responsible for what that website delivers to your users, so it’s important to maintain control of that site.

Users shouldn’t see the Shareaza switch as a reason to forgo software updates. As the AppScout post discusses, in this kind of social engineering scam there are often warning signs that something may not be quite right. Be sure you read dialog boxes carefully before clicking OK and agreeing to anything, including an update. And do your best to stay informed about the software you use by signing up for alerts from the distributor, or regularly checking for news.


We warned you about this domain being hyjacked a while ago. You are also warned that the software installs some bots on your system so if you dio download this imposter you need to scan your system for adaware.

Get the real program at its new location

1 comment:

Devon said...

I'm totally shocked the original owners of Shareaza allowed this to happen. Makes me wonder if somebody might sue them for it. They left their users totally vulnerable, and it's not hard to see it coming... as you said yourself, you even saw it coming.