Use care when downloading reputable software

I recently got a new laptop and while downloading new software for it I noticed what seems to be a relatively new trend where "unofficial" sites are listed in Google before the legitimate ones, probably because they are paid advertisements. For example, today I went to download Google Earth and the first site listed was:

google.earth.free-downloads.us.com

When I downloaded it my AVG antivirus let me know that it contained an adware program called "Wedownload" at which point I deleted it and found the real site. A few weeks ago when I went to download Firefox I found a similar thing, and when I just double checked I found 2 sites:

mozilla-firefox.downloadinfo.co
mozilla-firefox.best-browser.org

above the legitimate site of www.mozilla.org/en-US/firefox/new. I didn't check, but I suspect one or both of the 2 listed above had some form of malware attached to them. There is a small yellow "ad" at the beginning of the second line line in each ad, but the headline often has little or no notice that it isn't the original site, such as the first listing for Firefox which read:

Download Firefox® - 2014 New Version of Firefox®?

If you are tired or in a rush it's easy to not realize they are not the site you were looking for.

It's also easy to avoid if you are aware of it; just look closely at what you are clicking on and for backup make sure your antivirus software is up to date and has the ability to find and stop them when they do get through.

Leo Laporte (formerly from Screen Savers) has a national radio show on Saturdays and Sundays and he addresses this exact issue. He said you should always go online to the direct company site for downloads and never use other websites. This includes browsers, drivers, etc.

Good advice

It sounds to me like your computer is already infected. Rewriting search results to show ads (not disclosed as ads) before real search results is a common thing that this crap does now a days.

I say this based upon a couple of things first Google usually marks their ads with the word ad and secondly Google wouldn't allow somebody else to advertise a Google product (Google Earth) and point it to a malicious download.

He did mention that it is marked with 'Ad'....and it is in fact the first site the comes up on a Google search for Google Earth. I just tried it. What these guys do is bundle a whole lot of bloatware/adware along with the free software you're trying to download. They will change your home page and add tool bars and advertisements, and all with your permission as they require you to click 'ok' to download/install everything they're trying to pawn off on you. Although not technically a Virus or Malware, it's not really scrupulous either.

Some legitimate company sites are not much better. CNET is one of the worst as they have the ever popular "download" box which is a link to a download site that is for a program that will periodically check for software and updates for you. These of course have various links to sites that have loads of maleware.

The portion circled above is not evidence of a virus, malware, or spyware. That's how Google works.

Seeing it I would agree nevertheless it violates the AdWords TOS, and I suspect it wont be there long term.

What about the poor sap who isn't looking at the smaller print, just the google earth result?

Remember, companies have been sued for dumber stuff....

That depends on your definition of "long term". I dismissed it as an anomaly the first time I saw it, but that was the day I got this computer, on June 8th, and while I don't know if these are the same ads that popped up on that day it certainly doesn't seem like the trend is abating:



I believe the ads rotate, and as I recall both yesterday and in the past the less noticeable "FireFox Free Download - Full Version. No Trials. 100% Free?" was the first listing. Google may have used "Don't be evil" as their slogan but their reputation for dealing with situations such as this is somewhat less than stellar. I did find a page on Google to report it and we'll see if they take action in the future.

It is worth noting that Bing doesn't seem to have the same problem, (and even though I have never particularly liked Bing, I'm finding that its a decent alternative to Google):



I got my first computer in 1981 and have been online since the early days of the internet. I've worked on various computer and other privacy issues in the past and despite using Google extensively over the years I have not seen this exploit used before and it doesn't appear to be widely published. I thought that even though I am well aware of the potential for things of this nature yet still almost got caught by it meant that it was probably something that people who are less computer literate might appreciate a warning about. It was supposed to be a simple post that might help people avoid something that had the potential to cause them considerable grief in the future.

Shame that it couldn't have stayed that way.