--- En date de: Jeu 20.12.12, Michael Schumacher a crit:

Hi,

we've been approached by download.dk about an "award" GIMP seems to have won on their site. They suggested to add this award to www.gimp.org with the usual link back to their site...

Upon inspecting their GIMP download page, I'm not really sure if this is an elaborate scam, or just a sub-par try of implementing a downloads site:

A strange "driver update" setup called "installer.exe" is more likely to be downloaded from their downloads page than the software the user intends to get. The link to this software is much more prominent.

I tried to send them a mail about this problem, but that message was returned with a "no mail exchangers for that domain", and the message shows some mailmarketing.com forwarding addresses.

Has anyone got opinions about or experiences with this site?

The most probable explanation is some [hacked or] malicious web site trying to gain from the reputation of a renown product to spread malicious software instead of the true Gimp installer. Least I'd expect from a third party web site is to link or at most proxy download requests. In this very case it's obvious they didn't. Plus the fact that the domain has no mail exchanger shall trigger an alarm lamp string and put the threat level in maximum DEFCON.

My 2.

Vince C.

Reagrds,
Michael

_______________________________________________ gimp-developer-list mailing list
gimp-developer-list@gnome.org
https://mail.gnome.org/mailman/listinfo/gimp-developer-list

On Thu, 20 Dec 2012 13:38:26 +0100, Michael Schumacher wrote:

we've been approached by download.dk about an "award" GIMP seems to have won on their site. They suggested to add this award to www.gimp.org with the usual link back to their site...

There's a ton of these site and software awards around, and none of them are any good. I'm actually surprised that it took so long for GIMP to be noticed...

On 12/20/2012 07:38 AM, Michael Schumacher wrote:

Hi,

we've been approached by download.dk about an "award" GIMP seems to have won on their site. They suggested to add this award to www.gimp.org with the usual link back to their site...

Upon inspecting their GIMP download page, I'm not really sure if this is an elaborate scam, or just a sub-par try of implementing a downloads site:

A strange "driver update" setup called "installer.exe" is more likely to be downloaded from their downloads page than the software the user intends to get. The link to this software is much more prominent.

I tried to send them a mail about this problem, but that message was returned with a "no mail exchangers for that domain", and the message shows some mailmarketing.com forwarding addresses.

Has anyone got opinions about or experiences with this site?

Hey Michael,

I just downloaded "GIMP 2.8.2" from download.dk and got a 1.1 MB file called "installer.exe." Clam Antivirus did not identify it as malware but in this case a negative result is as likely to indicate a frequently updated & recompiled virus, trojan, or rootkit dropper as a "safe" executable.

It is also possible that installer.exe installs "harmless" spyware. The only certain fact is that installer.exe is not GIMP 2.8.2 as advertised, so in this case "a sub-par attempt at implementing a download site" includes, at minimum, going to a great deal of unnecessary trouble to misrepresent of the wares offered.

I would not do anything to advertise download.dk or encourage anyone to download and run installer.exe. I would be much more likely to post a prominent notice on whatever page download.dk expected their free advertisement to appear on, warning users not to download the GIMP from unverified third party sites "to assure that you receive the latest and best version of the program." Or some such language.

:o)

Steve Kinney