FileZilla author was caught red handed, shipping app with IronCore adware downlo... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		melomac 21 days ago \| parent \| context \| favorite \| on: FileZilla Pro "Perpetual License" – A Warning to A... FileZilla author was caught red handed, shipping app with IronCore adware downloader, aka installCore from ironSource: https://www.sentinelone.com/blog/osx-ironcore-a-or-what-we-k... As IronCore evolved, it eventually got packed — `+[obj load]` executed prior to entry point — and provided a JavaScript to Objective-C bridge. JS payloads were remotely downloaded and AES encrypted... While offers were the usual suspects back then (Advanced Mac Cleaner, MacKeeper, and a customized Chromium app), the technique could be abused in a couple of ways so to spy on specific targets. Anyhow, I don't know what you do with FZ, I am very much into rsync (OSS) and Transmit app (Panic).

lobito25 21 days ago | [–]

Thanks for sharing. I wasn’t aware of this before, but it does confirm some concerns I already had about the developer’s questionable practices.

opengrass 21 days ago | [–]

Is Linux clean?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact