Draft blog post about malware site

2014-02-16 00:48:10 +00:00
parent bcd6c5aca6
commit 32ef59f812
1 changed files with 31 additions and 0 deletions
--- a/i2p2www/blog/2014/02/16/i2pbrowser-malware.rst.draft
+++ b/i2p2www/blog/2014/02/16/i2pbrowser-malware.rst.draft
@ -0,0 +1,31 @@
+=========================
+Malware at i2pbrowser.net
+=========================
+.. meta::
+   :date: 2014-02-16
+   :excerpt: The site i2pbrowser.net is a fake I2P website mirror serving up malware for Windows.
+
+We have recently been made aware of the existence of i2pbrowser.net. This
+website copies our homepage and download page, and attempts to trick users into
+downloading Windows malware.
+
+There are several indicators that point to i2pbrowser.net being a malware site:
+
+- The domain was registered on February 10th, 2014.
+- The download URLs for Windows, Mac OSX, Linux, Android etc. all link to the
+  same .exe file.
+- The .exe is only 741 KB; the official Windows installer for I2P is 13 MB.
+
+We have not examined the malware ourselves, but it does not appear to be very
+sophisticated; it is not integrated into or bundled with the I2P software.
+Security expert `Lance James`_ posted `a tweet`_ labelling it as "a standard
+dark comet rat".
+
+Spread the word. The only offical download locations for I2P are linked on our
+`download page`_. All I2P download packages are GPG-signed by the
+`release signing key`_.
+
+.. _`Lance James`: https://twitter.com/lancejssc
+.. _`a tweet`: https://twitter.com/lancejssc/status/434768667310821377
+.. _`download page`: {{ get_url('downloads_list') }}
+.. _`release signing key`: {{ site_url('get-involved/develop/release-signing-key') }}