Do you use Orbit Downloader, a popular download manager for Windows? Then you should uninstall it right now because, according to ESET (the makers of NOD32 anti-virus), Orbit Downloader contains malware.
More specifically, ESET alleges Orbit Downloader contains code that is used to perform DDoS (denial-of-service) attacks. Orbit Downloader downloads a DLL file it grabs from Orbit Downloader’s website after installing. This DLL file is then used to perform these DDoS attacks:
“Given the age and the popularity of Orbit Downloader (it is listed as one of the top downloads in its category on several popular software web sites) this means that the program might be generating gigabits (or more) of network traffic, making it an effective tool for Distributed Denial of Service (DDoS) attacks. On a test computer in our lab with a gigabit Ethernet port, HTTP connection requests were sent at a rate of about 140,000 packets per second, with falsified source addresses largely appearing to come from IP ranges allocated to Vietnam.”
It should be noted the malware was specifically identified as being used to conduct DDoS attacks. A DDoS attack is something that targets other computers and servers, so it shouldn’t affect your computer or files per se. However, it is still something you don’t want on your computer.
ESET is quick to point out it isn’t clear how often, if at all, this DDoS capability of Orbit Downloader was used and what the targets are. Furthermore, it isn’t clear if this DDoS capability was added intentionally by the developer of Orbit Downloader or someone hacked the program and threw it in there. The developer of Orbit Downloader, Innoshock, has no far not responded to these claims which adds suspicion that they may have done this on purpose. However, it is said the DDoS functionality of Orbit Downloader was added sometime between December 25, 2012 (version 4.1.1.14) and January 10, 2013 (version 4.1.1.15); since Orbit Downloader has been around since 2006, it is possible that Orbit Downloader was hacked by a third party and DDoS components were distributed without the developer’s knowledge.
We will only learn more once (if) Innoshock responds. Until then, we highly recommend you remove Orbit Downloader from your computer if you have it installed.
Hit up the ESET via link below to learn more, if you are interested.
[Thanks BearPup, WildCat | via ESET, SoftwareCrew]