
Hacker compromises Fosshub to distribute MBR-hijacking malware - PascLeRasc
http://news.softpedia.com/news/hacker-compromises-fosshub-to-distribute-mbr-hijacking-malware-506932.shtml
======
unsignedqword
The payload reminds me of '90s-era malware: more intent on just trashing up
the system than with gaining any sort of profit. Wiping random people's MBRs
isn't exactly nice, but considering that's all it really does, it's a far cry
from what most malware seems to be concerned with doing nowadays.

------
i_are_smart
I find it interesting that the FossHub homepage still says

    
    
      No adware, No spyware, No bundles, No malware, Fast downloads, Free services and a single ad.

~~~
erlehmann_
I think many website operators do not see a problem with lying when it helps
them getting more pageviews, signups or money.

In September 2015, Imgur distributed malicious JavaScript that targeted users
of 8chan. Imgur fixed the vulnerability, but still displayed the following
message when JavaScript was turned off:

> JavaScript is disabled in your browser, which doesn't make for a very good
> experience on Imgur. We encourage you to either enable JavaScript or
> whitelist Imgur.com. We would never do anything bad or malicious with our
> JavaScript, and if you ever run into any problems then feel free to contact
> us.

~~~
i_are_smart
Wow, I had never heard about that. It will be interesting to see how long it
takes FossHub to make some sort of statement addressing this incident.

~~~
erlehmann_
The audacity team has a blog post regarding the incident:
[http://www.audacityteam.org/compromised-download-
partner/](http://www.audacityteam.org/compromised-download-partner/)

