Have you ever had your open-source project used as a bait and switch by bad guys? Well, I guess I have offically now.
It all started with a simple little Google Alert (see above). Now, I know that I hadn’t made any change to the open source site in quite some time so I was surprised to see a Google Alert come in for the term “InfustionSoftDotNet”. I clicked through on the link only to find that a SPAM content site, filled with random keywords, links and text appeared to be offering for download a copy of the InfusionSoftDotNet Library.
Why indeed would someone link to a their own hosted version of this library rather than the locations office site at http://infusionsoftdotnet.codeplex.com/ ? Well, by clicking through I found out, for better or worse, what the deal was… They are linking to a downloaded that purports to help install the software and, in small print, will also install a bunch of spyware/adware/malicious software along with the actual software.
Well, at least I’m guessing that you will eventually be able to get the files you where looking for. I couldn’t be sure as once I saw this screen, I immediately terminated the install. Perhaps if I find the time to install on a clean machine that isn’t connected to the ‘Net, I’ll do that and see what other heinous stuff they’ve done to this code before releasing it.
And what really galls me is the even after Penguin, Panda and other Google improvements, this stupid page comes upon page 2 of the results when you search for “InfusionSoftDotNet Library” even with all the nonesense content and links to malicious sofware.
Has anyone else working on an open source project had an issue like this come up? What can be done? If I find some answers, I’ll leave them here on this blog for the benefit of those that haven’t suffered this insult…
- Setting up SSL on Amazon Linux Instance under EC2 - July 26, 2018
- Method Chaining of Objects in C# - January 16, 2017
- Native SQL Backup And Restores on AWS RDS - November 9, 2016