SCAM Website Audacity #884
Replies: 22 comments 14 replies
-
Yes, "audacity.de" is a malware site. We would dearly love to see that site permanently shut down, or at least blocked by Google. The genuine Audacity website is https://www.audacityteam.org/ |
Beta Was this translation helpful? Give feedback.
-
Reported the malicious site to Google at this link: https://safebrowsing.google.com/safebrowsing/report_badware/?hl=en More places to report malicious sites are itemized here: https://security.stackexchange.com/questions/1728/where-to-report-malicious-urls-phishing-and-malicious-web-sites |
Beta Was this translation helpful? Give feedback.
-
okay, this is very bad.... |
Beta Was this translation helpful? Give feedback.
-
I'm actually always very careful when downloading files, but this time they got me... |
Beta Was this translation helpful? Give feedback.
-
The bad news is that the malicious website https://www [dot] audacity [dot] de/ is still listed on the first (!) place when I search for "audacity" at Google. We just detected that we had installed a bundle of new notebooks with malware coming from that site. Today I could confirm that the downloaded Audacity for Windows comes from https://www [dot] audacityorg [dot] de/ and is not identical to the official one, but significantly larger. I now wrote to Host Europe GmbH (part of the @hosteurope group) who host the scam website and hope they will shut it down and prosecute their client which claims to come from Malta. I also reported it at @google using the link above. As Audacity is a trade mark, it could also be possible to go against domains which misuse that name. |
Beta Was this translation helpful? Give feedback.
-
I have modified the direct links to the scam site. We really don't want to be helping their SEO ;-) |
Beta Was this translation helpful? Give feedback.
-
Symantec just told me that they detect the malicious Windows installer. Windows Defender does not detect it ...
|
Beta Was this translation helpful? Give feedback.
-
I think they change the payload periodically. Much of the time it is a "pup" installer. |
Beta Was this translation helpful? Give feedback.
-
The owner of the scam website is listed in the Paradise Papers: https://offshoreleaks.icij.org/nodes/56039455. |
Beta Was this translation helpful? Give feedback.
-
I've reported the website to https://www.quad9.net/ |
Beta Was this translation helpful? Give feedback.
-
Host Europe answered today. They ask for evidence that the site is really malicious. |
Beta Was this translation helpful? Give feedback.
-
Clicking on the "Download starten" link on this page: https://www [dot] audacity [dot] de/download-de/ |
Beta Was this translation helpful? Give feedback.
-
It might be worthwhile to try to get their code signing certificate revoked. It will be simple enough for them to get another one, but at least executables that have already been downloaded should get flagged. https://web.entrust.com/ev-misuse/ I have no idea how responsive Entrust is to these kinds of problems. |
Beta Was this translation helpful? Give feedback.
-
Submit it to https://www.microsoft.com/en-us/wdsi/filesubmission for MS to analyse it. |
Beta Was this translation helpful? Give feedback.
-
okay, I was happy a few days ago that the page is down, now it's back online ... |
Beta Was this translation helpful? Give feedback.
-
Currently they deliver an unmodified audacity-win-3.0.0.exe. But of course one never knows whether they always do that in the future. |
Beta Was this translation helpful? Give feedback.
-
maybe you should write here that there is a fake page online. As information! |
Beta Was this translation helpful? Give feedback.
-
That website has no rights to use the domain name "audacity" without permission. So legal means would be most effective. |
Beta Was this translation helpful? Give feedback.
-
Still online..... what we need to do? |
Beta Was this translation helpful? Give feedback.
-
German law makes this surprisingly time consuming to resolve. Lawyers are currently working on this and there is an active court case. |
Beta Was this translation helpful? Give feedback.
-
On Twitter I noticed ads supposedly for Audacity, which point to a website with the .top TLD and otherwise the same domain as the official Audacity website. I just wanted to make a note of this here so that you can follow up on that site as well. |
Beta Was this translation helpful? Give feedback.
-
Hello guys,
Yesterday I wanted to download audacity.
When entering "audacity" on Google, the following website is the first suggestion: https://www [dot] audacity [dot] de/.
After downloading it from this website, Windows Defender raised the alarm: undesirable behavior.
Here, via Github, I found out that the "correct" homepage has the following URL:
https://www.audacityteam.org/
After downloading it from this website, everything went smoothly and I was able to edit my audio files.
I assume that the first website is a fake?
Is this really the case?
Best regards
Marc
Beta Was this translation helpful? Give feedback.
All reactions