Jun 302016

CamStudio MalwareI am fan of free software. Heck, I make quite a few of free programs myself. That is why it pains me to see what is happening last few years with it – malware, malware, everywhere!

For example take CamStudio, once a decent screen recording program. I’ve downloaded my setup from www.camstudio.org and everything seemed legit. Until I was offered was Search Offer powered by Bing during setup – I of course declined. After that I was offered ByteFence (which ironically promises protection against malware) and Yahoo powered search. Yes, the same install offers both Bing and Yahoo powered search. I declined them both. Guess what, it tried to install Search Offer regardless.

I found this slightly unnerving so I removed all traces of it and checked for the source code. I did find it on SourceForge after a bit of googling (camstudio.org doesn’t offer a link toward it). Installer found there was actually without malware (as far as I could see) but it was also unsigned and more than 10 times the size (11 MB vs 1 MB).

So, on one side we have install downloaded from SourceForge, 11 MB in size and unsigned. On other side we have 1 MB setup digitally signed by Path Quality (Alpha Criteria Ltd.). Which one looks more official? Yes, a search for Alpha Criteria Ltd. will show its malware roots but I still find it disturbing that such shady figures actually have a valid digital signature.

There is a real danger in someone taking your installer and making setup with malware. You cannot really do anything about that. But this is not the case here. Not only that camstudio.org is officially looking, with forum and everything, but also you can see that Nick Smith is one registering domain. Going to SourceForge pages, you can also find Nick Smith there as one of the main contributors.

What we have here is one of, possibly rogue, developer intentionally packing malware into product’s setup for profit.

This is something I have noticed for a while now. Freeware programs (regardless if open source or not) have been having more and more aggressive and misleading ads in recent years. Every time I go to download something I need to figure which link is actual download and which ones are “download” links designed to click-bait you into ad. It is a shitty and misleading practice but at least it only wastes your time. Packing malware into what amounts to officially looking software package on the officially looking pages, is another, more devious approach.

Realistically, you will not earn money on freeware. If you expect open source to get you some quick money, you are an idiot. Building open source and/or freeware software is something you should do for enjoyment and because you have an itch to scratch. You might not get money out of it but it will provide great learning experience, it will get your name out there, and possibly you might even get a tangible benefit out of it.

Or go the money route and make application for sale – there is nothing bad with that. For example, developers of Bandicam, also a screen recording program, decided to charge for their software. That is an honest approach.

Earning money by incorporating malware into your freeware application is not only dishonest but deserving of its own circle in hell.

  One Response to “Open source peddling”

Comments (1)
  1. Hi !

    I already had to download the file CamStudio but something stopped me and I started to google. I found your blog description. I threw for VirusTotal and actually 6 antivirus discovered malware. Thanks again. Greetings from Poland.

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>