> While some redditors speculate that the trojan was planted on purpose, there is no evidence to support this claim. Outdated malware with an inactive command-and-control server is not advantageous for any attacker nor does superinfection make sense for this scenario. A far more plausible explanation points to the absence or failure of antivirus scanning on the systems used to compile and distribute the software packages. Procolored promises to improve this process, so that it cannot happen again.<p>That this system is so insecure as to be hit multiple times, I don't know how much stock anyone should put in "improved processes". This is a company who seems to have gone out of their way to create an insecure environment - probably out of some frustration, but all the same, insecure.