HomeBlog › Important Security Announcement to Our Valued Users

Important Security Announcement to Our Valued Users

Dear community,

We wish to address a significant security concern that has recently come to our attention. Upholding your trust is paramount to us, and in our dedication to transparency, we aim to provide a clear and direct account of the situation.

What Happened: Today, informed by the findings from Kaspersky Lab, we became aware of a past security incident from 2020. It appears that a specific web page on our site was compromised by a Ukrainian hacker group, exploiting it to distribute malicious software. Only a small subset of users, specifically those who attempted to download FDM for Linux between 2020 and 2022, were potentially exposed. It’s estimated that much less than 0.1% of our visitors might have encountered this issue. This limited scope is probably why the issue remained undetected until now. Intriguingly, this vulnerability was unknowingly resolved during a routine site update in 2022.

Our Immediate Actions: Upon this discovery, we initiated a thorough investigation. We’re reinforcing our defenses and implementing additional measures to prevent such vulnerabilities in the future.

Recommendations for Users: If you were among the subset of users who tried to download FDM for Linux from our compromised page during the mentioned timeframe, we strongly recommend conducting a malware scan on your system and updating your passwords as a precautionary measure.

Communication Issues: We also discovered an issue with one of our contact forms which might have impeded prompt communication, presumably it was the form used by Kaspersky Lab representatives to reach out to us. If you attempted to reach out regarding this or any related issue without receiving feedback, please contact us again at support@freedownloadmanager.org.

We sincerely apologize for any inconvenience or concern this might cause. Ensuring your digital safety remains at the forefront of our efforts, and we are unwavering in our commitment to safeguard your trust.

Thank you for your patience and understanding. We will keep you updated as we learn more.

Best regards, Free Download Manager team.

Update: Our investigation has shown that the hackers exploited a vulnerability in a script on our site to introduce a malicious file they used to change the https://www.freedownloadmanager.org/download-fdm-for-linux.htm page.

To investigate this problem, we accessed data from our project backups dating back to 2020 and found this modified page, which contained an algorithm that chose whether give users correct download link or the one leading to the fake domain deb.fdmpkg.org containing a malicious .deb file. It had an «exception list» of IP addresses from various subnets, including those associated with Bing and Google. Visitors from these IP addresses were always given the correct download link.

We’re truly sorry about what happened, and we again ask our users who downloaded FDM for Linux within 2020-2022 to check their computers for malware. Also we want to reassure all our Windows and Mac users that for them our website has been safe.

Update 2: We have prepared a bash script that you can use to check the presence of malware in your system.

Launch Instructions:

  1. Download the linux_malware_check.sh script and give it execute permissions. You can do this by running:
    chmod +x linux_malware_check.sh.
  2. Execute the script by running: ./linux_malware_check.sh.

Please note that this script only identifies whether the mentioned potential threats are present on your computer, it does not remove them. If malware is detected, it is highly recommended to reinstall the system.

We once again sincerely apologize for any inconvenience that might have been caused.

10 thoughts on “Important Security Announcement to Our Valued Users”

You have lots of non-technical people using your software since it was recommended in several magazines.

I can download the script; give it permissions, & run it. What output am I expecting? When I run it a white window pops up for a fraction of a second and then nothing. Is this the correct output for a “no Malware” response?

A little more information for those non-techies amongst us please.

Neil

If you are serious about security AND you wish for your customers, users, and supporters to SEE that you are serious, why do you not supply the SHA256 for each of your downloads?

IF you were serious about security, this SHA256 number would have immediately shown anyone downloading the newly infected file that the downloaded file has been tampered with.

Leave a Reply

Your email address will not be published. Required fields are marked *