Beware! Malware hides behind popular freeware

Two of the most popular free programs on the download hub Fosshub were recently replaced with malware by a carefully planned hacker attack. Those responsible for Fosshub announce this via a Reddit post. During the breach, which took place on August 2, the hackers managed to replace the installation files for the audio editing program Audacity and the alternative start menu program Classic Shell.

If you have downloaded the malicious version of Classic Shell, you are probably already aware of it. According to several victims, the software overwrites the computer’s “master boot record”, i.e. the information needed to start the operating system itself. What remains is a currently unusable computer. However, this can be fixed using the bootrec.exe tool.

Fosshub estimates that at least 300 downloads of “Classic Shell” took place before the company noticed the breach and restored the correct installation file. In the case of Audacity, Fosshub managed to detect and remove the malware before anyone could download it.

The hackers, who call themselves Cult of Razer, announced via Twitter that the idea behind the attack was to alert others to Fosshub’s security flaws. The Twitter posts have since been removed.