Sign up now! · Forgot password?
RSS/Atom feed Twitter

Yay, mainstream! - and trojaned GIMP installers

This discussion is connected to the mailing list which is provided by the GIMP developers and not related to

This is a read-only list on so this discussion thread is read-only, too.

1 of 1 message available
Toggle history

Please log in to manage your subscriptions.

Yay, mainstream! - and trojaned GIMP installers Michael Schumacher 09 Aug 22:38
Michael Schumacher
2012-08-09 22:38:16 UTC (over 3 years ago)

Yay, mainstream! - and trojaned GIMP installers


recently, we're seeing more and more sign of GIMP becoming mainstream - the availability of several GIMP installers for the Microsoft Windows platforms loaded with trojans is certainly an indication for that.

The most common trojan seems to be InstallIQ. A piece of software that grants the providers of the actual installers plausible deniability because the installers itself is clean, and because the user has to agree to install additional "utilities" during setup.

Case 1:

Step 1: the victim is sent a scam mail pointing to a file at (which disguses as a image upload site).

Step 2: the files provided there are .gmp files (huh?)

Step 3: for viewing those files, there's a link to, where the infected installer is located

Case 2:

Another victim or culprit of a related scam seems to be the site, which used to host a modifed version of GIMP which resembled the Photoshop UI. Either its original author has gone to the Dark Side, or that site has been taken over by a scammer - it is distributing InstallIQ-infected installers.


If you see any GIMP installer sites which have a fine print with phrases like

"is distributing a modified installer which is different from the original ones"




"the installer is compliant with the original software manufacturer's policies"

then do the following: