Why 'Download.com' isn't what it appears to be
We fell for it
Earlier this week we reported that CNET's Download.com had booted an anti-spam product after complaints about its makers. They appeared to be spammers themselves and were lying about their product.
The spam we got referred to Download.com, Cnet's popular shareware library, where the product could be downloaded from. At least, that's what we believed and complained about to CNET.
Now, CNET informs us that we fell victim to the same trick that the spammer used to dupe thousands of innocent users. 'Download.com's distinctive page design was copied by the spammer and the pages were presented on the spammer's own web servers to make it appear as though the product was being downloaded from the real Download.com,' Scott Arpajian, senior Vice President of CNET Download.com told The Reg. "When your reporter visited Download.com, the product appeared to have been removed, but in fact it was never there to begin with."
Hey, didn't we say that Spam Remedy operated in stealth mode? Just kidding.
Actually, the product was still offered this week through Optinspecialist.info aka SecureDiscounts aka
Soft4all.biz. All 'companies' known for hosting spamvertised sites. Securediscounts also offers software that permits people to pirate software from DVD's onto CD's, using domain names such as Ultra-software.info.
In the past Spam Remedy was also sold through nano-soft.biz, a domain registered by Andery Kovalev from Tallinn, Estonia, another indication that there is a Nordic connection. 'Is it just me, or are the former Soviet Union and its republics becoming the centre of Internet scams?' someone on the Net asks. after he received spam from the company.
So far, the people behind Spam Remedy have only identified themselves as the DarkSoft Group, which not only developed the abovementioned pirate product but also crafted 'the only real time remotely deployable spy software application'. Apparently, it gives you the power to remotely monitor pc's from anywhere. That is if you believe them.
What we do know is that DarkSoft seems to favor hit and run tactics. They register (or let others register) domain names for a short time and then move on to another address, like rats escaping the flood. The spamvertised links optinspecialists.info, soft4all.biz and nano-soft.biz links worked yesterday, but were out of use as from this morning. In fact, DarkSoft seem to have vanished from Earth.
We have to congratulate DarkSoft on their Download.com spoof. We fell for it. However, they may have gone too far this time. "CNET vigorously defends its copyrights and trademarks," Scott Arpajian told The Reg. 'We are currently working with the necessary authorities to take appropriate action."
CNET has thanked us for giving it the opportunity to set the record completely straight with our readers. Which is very gracious of them, as it's the least we could do. Apologies all around. ®
Sponsored: 2016 Cyberthreat defense report