JDOWNLOADER SITE HACKED, MALWARE SWAPPED INTO INSTALLERS
SAT, MAY 9, 2026 ■ AI-SUMMARIZED FROM 1 SOURCE
The JDownloader website was compromised this week to distribute trojanized installers for Windows and Linux. The Windows payload contains a Python-based remote access trojan capable of stealing data and executing commands.
JDownloader, a widely used download manager, fell victim to a supply chain attack when its official website was breached and its legitimate installers were replaced with malicious versions.
Security researchers confirmed that both Windows and Linux builds were compromised. The Windows installer deploys a Python remote access trojan (RAT) that grants attackers remote control capabilities on infected systems. Details on the Linux payload remain under investigation.
The attack represents a serious threat to JDownloader's user base, which relies on the software to manage downloads. Users who downloaded JDownloader during the compromise window face potential infection. Once installed, the RAT can execute arbitrary commands, steal sensitive files, and maintain persistent access to compromised machines.
JDownloader developers appear to have restored the website to a clean state, but the exact window of compromise and number of affected users remain unclear. The incident underscores vulnerabilities in software distribution chains, where attackers need only breach a single website to reach thousands of users simultaneously.
Security researchers recommend that JDownloader users:
- Verify the authenticity of their current installation
- Check system processes for suspicious Python-related activity
- Update to the latest legitimate version once the team confirms the website is fully secured
- Monitor systems for signs of unauthorized access
This attack follows similar incidents targeting software download sites. It serves as a reminder that users cannot assume official websites are always secure, and downloads should be verified through additional means when possible.
JDownloader has not yet issued a formal statement regarding the scope of the compromise or remediation steps for affected users.