The official website for the popular download manager JDownloader suffered a security breach on May 6. Attackers exploited an unpatched vulnerability to gain unauthorized access to the site's infrastructure. The flaw allowed the intruders to modify Access Control Lists without authentication. This breach compromised specific download channels while leaving others intact.
Alternative download channels compromised while main files remain safe
The attackers targeted the alternative download pages for Windows and Linux systems. They replaced the legitimate Windows installer links with malicious, unsigned executables. The Linux shell installer also received a similar treatment with code containing malicious payloads. Users who downloaded from these specific alternative links risked installing malware that disabled Windows Defender.

The JDownloader development team moved quickly to contain the incident. They confirmed the hack and immediately took the website offline for a full investigation. The team assured users that the main JDownloader.jar file remained safe. Installers for macOS and packages distributed through Winget, Flatpak, and Snap also remained uncompromised.
Reports from users who ran the infected files indicate severe system impacts. Some users reported that the malware completely disabled Windows Defender. The specific name or family of the malware installed on affected systems remains unknown. The source material does not identify the exact variant used in the attack.



Discussion
0 comments
Log in to join the thread with a thoughtful take, question, or correction.