by Peke » Sun Aug 07, 2022 10:17 pm
Hi,
TheUnmentioned wrote: ↑Sun Aug 07, 2022 7:49 pm
On the link mediamonkey.store Get MediaMonkey Today ->Standard Version->Get basic functionality->Free-->Download V5
Yeah, it looks like there's a fake MediaMonkey site that might have tricked you into downloading a fake version of MediaMonkey. We're doing our best to have the site shut down, but if you stick to downloading MediaMonkey from
www.mediamonkey.com, you'll find that the downloads are all clean:
Latest Beta:
https://www.virustotal.com/gui/url/dd38 ... 648b1eb502
Official Stable:
https://www.virustotal.com/gui/url/8c2d ... 0ccfdc3875
Here's a link to the report of the downloaded ZIP file from the fake store:
https://www.virustotal.com/gui/file/283 ... 77118d1306
ZIP File is 521kb and extracted file is 362mb which by itself rise red flag and any security noob should recognize it as such.
Also if you check URL to download of file it will be flagged also
https://www.virustotal.com/gui/url/27d9 ... /detection
TheUnmentioned wrote: ↑Sun Aug 07, 2022 7:49 pm
(I'm a Security Architect/ Engineer and do this for a living)
I guess this just shows how easy it is, even for paranoid/security-conscious individuals, to be tricked. For all users:
make sure that you download MediaMonkey from https://www.mediamonkey.com or another reputable site.
I've modified the topic to accurately reflect the threat. If you have any evidence that installs originating from our site contain malware, please report to us directly. Thanks.
Hi,
[quote=TheUnmentioned post_id=500015 time=1659919794 user_id=119766]
On the link mediamonkey.store Get MediaMonkey Today ->Standard Version->Get basic functionality->Free-->Download V5
[/quote]
Yeah, it looks like there's a fake MediaMonkey site that might have tricked you into downloading a fake version of MediaMonkey. We're doing our best to have the site shut down, but if you stick to downloading MediaMonkey from www.mediamonkey.com, you'll find that the downloads are all clean:
Latest Beta: https://www.virustotal.com/gui/url/dd3870975c5e2794da726b7a8f213bcc2c8574d9eda4bb8759dfaf648b1eb502
Official Stable: https://www.virustotal.com/gui/url/8c2d347b542cd89b76c1843d90d3303ff1b2a0ccfdc3875
Here's a link to the report of the downloaded ZIP file from the fake store:
https://www.virustotal.com/gui/file/28321bd0b8c5c517978de24c722c75e8307c21383fec1f382eb4b377118d1306
ZIP File is 521kb and extracted file is 362mb which by itself rise red flag and any security noob should recognize it as such.
Also if you check URL to download of file it will be flagged also https://www.virustotal.com/gui/url/27d9cc378423bd435b5d00b1422fd88c6b466afc0a209e4fae4a2c4c874be559/detection
[quote=TheUnmentioned post_id=500015 time=1659919794 user_id=119766]
(I'm a Security Architect/ Engineer and do this for a living)
[/quote]I guess this just shows how easy it is, even for paranoid/security-conscious individuals, to be tricked. For all users: [b]make sure that you download MediaMonkey from https://www.mediamonkey.com or another reputable site[/b].
I've modified the topic to accurately reflect the threat. If you have any evidence that installs originating from our site contain malware, please report to us directly. Thanks.