The JDownloader website was hacked in early May, resulting in the distribution of harmful installation packages. Attackers manipulated the download links to point to malware. According to Heise, the website operators have since closed the security vulnerability and taken the site offline to resolve the issues.
The JDownloader team issued a security notice explaining that the installer download links were redirected to a Remote Access Trojan (RAT). The links under "Download Alternative Installer" and the Linux shell installer link were particularly affected. The installation files themselves remained unchanged, but the targets of the links were set to external servers.
The operators brought the website back online on May 9 after resetting the links to the correct files. In-app updates were not affected by the incident. However, the exact vulnerability that led to the incident has not been disclosed.
Additionally, it was revealed that the Daemon Tools website also spread malware downloads. The operators responded by releasing a non-infected download. Investigations into the incidents are ongoing to determine the causes and the full extent of the attacks.
