Unexpected redirects

Maybe you’re one of the increasing number of users on the lookout for new ways to protect your machine against the malware that’s always in the news. Maybe you’re even one of the users running a sandbox on your machines. (If you’re not, and you don’t know what a sandbox is – it’s an isolated area on a computer, often running on a virtual machine, where you can run code without infecting the main or host machine. Sometimes a sandbox is a separate program that functions within the framework of the local OS – this type is easier for a novice to use as you don’t need to install a virtual machine.)

I was trying to download a sandbox application of the second type when I stumbled on something interesting. I got unexpectedly re-routed to – it’s part of and one of the most popular software repositories on the Internet.

The download went smoothly, but then I got re-routed to another page on This page contained recommendations for other popular software available for download.

The list of recommended software includes AntiVirus Defender, an adware program that we detect as not-a-virus:AdWare.Win32.OneStep.z. We’ve notified cnet so they are aware of the issue.

I think there’s a pretty clear moral here. You’re security conscious and you want to protect your computer. You’re looking for useful utilities. assures users that all programs available via the website have been analysed, and don’t contain any malicious code. So maybe you relax your vigilance. But with both businesses and bad guys making use of sponsored links on sites like and Google, you’ve got to stay very alert indeed to make sure that you don’t get caught out.

Unexpected redirects

Your email address will not be published.



Andariel deploys DTrack and Maui ransomware

Earlier, the CISA published an alert related to a Stairwell report, “Maui Ransomware.” Our data should openly help solidify the attribution of the Maui ransomware incident to the Korean-speaking APT Andariel, also known as Silent Chollima and Stonefly.

APT trends report Q2 2022

This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q2 2022.

Subscribe to our weekly e-mails

The hottest research right in your inbox