If you download project software's from SourceForge than beware, In April, security researchers from Zscaler reported uncovering a fake SourceForge website, sourceforgechile.net, set up by cybercriminals in an attempt to distribute a variant of the notorious ZeroAccess Trojan.
Now, experts say that several new domains have been registered as below :
- sourceforgeyemen.net ,
- sourceforgemyanmar.net ,
- sourceforgemorocco.net ,
- sourceforgeindiana.net ,
- sourceforgeecuador.net ,
- sourceforgepalau.net ,
- sourceforgegrenada.net ,
- sourceforgeestonia.net ,
These new websites have been registered with the same registrar, but each of them has different WhoIs information .
Sourceforgechile.net was set up to serve what appeared to be an open source version of the popular Minecraft game. The latest domains serve the ZeroAccess Trojan by disguising it as a Minecraft “xray” texture pack and Airport Fighter Simulator .
Currently, none of the sites are accessible, but SourceForge users should be cautious since it’s clear that the cybercriminals are not ready to give up on this campaign .