A significant amount of malware infections and potentially unwanted program (PUP) irritants are the result of downloads from unreliable sources. There are a multitude of websites that specialize in distributing malicious payloads by offering them up as something legitimate or by bundling the desired installer with additional programs.

In November 2019, we learned that Intel removed old drivers, BIOS updates, and other legacy software from their site. While this software relates to products released in the last century and early years of the 2000s, many users still rely on old Intel products and have been left scrambling for specific downloads.

Users that follow older links to certain drivers and updates will find this instead:

Following the links to search the site or the download center only leads users around in circles—those downloads are gone. While some might argue that it is Intel's right to remove drivers and updates after a decade, others understand that whenever legacy software is abandoned, a security nightmare ensues.

When users can no longer download files from official sources, desperate people will roam the Internet for a place where they can find the file they need. And what they usually find instead are malicious websites and downloads.

Malvertising using popular downloads

Habitually, threat actors find out which search terms are gaining in popularity as users seek out terminated software downloads and try to lure searchers to their site. They will use SEO techniques to rank high in the search results or may even spend some dollars to show up in the sponsored results for certain keywords. They can hide their malware in malvertising in the form of downloads or even drive-by downloads, in which users needn't install a single file, only visit the site, to be infected.

After all, a victim that is desperately looking for a file he needs to get a system up and running again is actually all a malware peddler could wish for. All they have to do is make the user of the site believe they have found the file they are looking for. Once they are convinced, they will download and install the alleged driver all by themselves.

All the threat actor has to do is upload the malware under some convincing filename and attract visitors to the site. This is basically the same modus operandi that you will find in use when people go looking for cracks and keygens.

So, what can users do to avoid falling victim to such a scam? A couple of things, as it happens. We will provide you with some checks you can do before you visit the download site. And there are some checks you can perform before you run the downloaded file, too.

Checks you can perform to assess the website

When you have found a site that offers a file for download, there are a few actions you can take to check whether the site is trustworthy. They are:

  • Check for the green padlock
  • Read 3rd-party reviews of the website
  • Use a trusted antivirus or browser extension, such as Browser Guard

Checking for the presence of the green padlock is a good start to ensure a site has purchased a security certificate, but it's also not a guarantee that the website is safe. SSL certificates are cheap, and your neighborhood cybercriminal knows where to get them practically for free. If you click on the green padlock, you can find out who issued the certificate and for which site.


Recommended reading: Explained: security certificates


There are many websites that offer reviews of download sites and domains, and while many of these sites are reputable, they tend to fall a little bit behind in adding Internet newcomers. Our cybercriminal can afford to dump a domain like a hot potato once it has racked up too many bad reviews, then purchase a new site from which to run his scheme.

In short, you can trust reviews about sites that have been around for a while, but the lack of reviews for a site could mean they just started or they may be up to no good.

Some cybercriminals are brilliant programmers. Most are not. But all the successful ones have one skill in common: They are well-versed in tricking people. So, don't accept a website as trustworthy just because it features logos of other trustworthy companies on its pages. Logo images are easily found in online searches, and they could be planted on the site for exactly that reason: to gain the visitors' trust. Logos could also be stolen, unauthorized, or handed out for different reasons than you might expect.

Some browsers and some free applications warn you about shady sites—particularly sites they know to be the home of malware and scammers. Malwarebytes Browser Guard, for example, can be installed on Chrome and Firefox, adding to the browsers' own capabilities to recognize malicious domains and sites.

How do I filter possible malware from the downloaded files

There are some methods you can use to weed out the bad boys in your download folder:

  • Compare the checksum to the original file
  • Look at the file's digital signature
  • Run a malware scan

A checksum is a sequence of numbers and letters used to check data for errors. If you know the checksum of the original file, you can compare it to the one you have downloaded. Windows, macOS, and Linux have built-in options to calculate the checksum of a file.
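The checksum comparison described above, as an added example that is not part of the original article: it hashes a downloaded file with SHA-256 and compares the result with the entry in a checksum list published by the original vendor. The `sha256sum`-style manifest format, the file name `driver_setup.exe` and the sample bytes are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os
import tempfile

HEX = set("0123456789abcdef")

def sha256_of(path, chunk_size=1 << 20):
    """Hash the file in chunks so large installers are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def published_digest(manifest_text, filename):
    """Look up filename in a manifest of '<hex>  <name>' or '<hex> *<name>' lines."""
    for line in manifest_text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) != 2:
            continue
        hexdigest, name = parts[0].lower(), parts[1].lstrip("*").strip()
        if name == filename and len(hexdigest) == 64 and set(hexdigest) <= HEX:
            return hexdigest
    return None

def verify_download(path, manifest_text):
    """Return (ok, actual, expected). A file missing from the manifest fails."""
    expected = published_digest(manifest_text, os.path.basename(path))
    actual = sha256_of(path)
    ok = expected is not None and hmac.compare_digest(actual, expected)
    return ok, actual, expected

def demo():
    # Constructed sample: a stand-in "installer" and the manifest for it.
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "driver_setup.exe")
        with open(path, "wb") as fh:
            fh.write(b"constructed sample installer bytes")
        manifest = f"{sha256_of(path).upper()} *driver_setup.exe\n"
        good = verify_download(path, manifest)[0]
        with open(path, "ab") as fh:
            fh.write(b"\x00")  # a single appended byte changes the digest
        tampered = verify_download(path, manifest)[0]
        missing = verify_download(path, "")[0]
    return good, tampered, missing

if __name__ == "__main__":
    print(demo())
```

The comparison is only as trustworthy as the source of the manifest: a checksum shown on the same third-party page that hosts the download says nothing about whether the file matches the vendor's original.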

The digital signature of a Windows executable file (a file with an .exe extension) can be verified after the file has been downloaded and saved. In your Downloads folder, right-click the downloaded .exe file and click Properties. Here you can click on the Digital Signatures tab to check whether the downloaded file is signed by the expected party.

Finally, utilize your anti-malware scanner to double-check that you are not downloading an infected file. You can also use online scanners like VirusTotal, which will also provide you with a SHA-256 hash for the file and save you the trouble of calculating a checksum.

Much ado about what?

All this may seem like a lot of work to those who habitually download files without a worry in the world. However, even the most skilful downloader eventually has their moment of truth—when that downloaded file wrecks their computer or all those bundled applications are harder to remove than expected.

People who download all the time have better instincts about which sites to trust or not, but that doesn't mean they can't be fooled. From experience, they know the sites that offer malware under a different filename from the sites that offer clean files. But sometimes, we reach for the shiny golden delicious and, once we take a bite, discover it has a worm.

We don't all have the stomach or the knowledge to clean an infected computer. And some systems are not ours to put at risk.

Even if you follow all these pointers to the letter, it is still riskier to download files from unknown sites than it is to download from the company that made them. So we would like to urge companies to keep their "old files" available on their own site, even if the number of downloads has dwindled.

Stay safe, everyone!