Hah, the Linux version points you to the original website (only the Mac and Windows versions appear to be modified)! The year of the Linux desktop is truly here.
I've reported the website here: <a href="https://safebrowsing.google.com/safebrowsing/report_phish/?tpl=mozilla&hl=en-US&url=https%3A%2F%2Fkeepass.fr%2F" rel="nofollow">https://safebrowsing.google.com/safebrowsing/report_phish/?t...</a><p>Hopefull it will be blocked by the browsers using the safe browsing list.
I've had discussions with coworkers on why you shouldn't ve downloading putty from putty.org. Sure, they seem to be linking to the official downloads <i>now</i>, but imho it's just poor hygiene to use such pages. It takes just a moment of carelessness to get pwned
What are some safety measures you take when downloading a new version of keepass? Checking the digital signature of the binary?<p>Original keepass downloads are hosted on sourceforge which has not had the best history of integrity the way I see it.
I'm getting a different installer file from this website with not as many ad bundles detected : <a href="https://www.virustotal.com/#/file/23c3a4564265bc996ab61c1227feda7aa5a3e41033717421310fef3e42871bfc/detection" rel="nofollow">https://www.virustotal.com/#/file/23c3a4564265bc996ab61c1227...</a><p>Anyway, this wouldn't be the first time an open source software is packaged with some adware. Unsavory, but I think within the limits of the license.
Pretty ironicly, Terms of use warn to be very careful when downloading files with an exe.,. Vbs,. Lnk,. Bat,. Sys, or a suffix com., Because these files may contain a virus or spyware !
Unrelated to the topic, the article points out a lot of things about certificates in the URL bar. That got me to think about the URLs themselves, can I set my browser up so it displays the punycode representation of my url?
Something I don't understand though is when I do a google search, google sometimes sponsors these phony sites.<p>One time I downloaded the wrong google chrome which was ironic because I was on google searching it.<p>Other examples that come to mind with different sites are popcorn.sh vs popcorn-time.to. There not the same repository.<p>Normally I just do a sanity check by checking the domain URL and checking if it has authority.<p>If its on sourceforge... I just assume its malware or has bundled PUPware on it, run it through antivirus and SHA/MD5 checks.<p>Ninite.com is pretty convenient I hope they don't get comprimised one of these days and get sold to a shady vendor