top of page
ALL POSTS
JDownloader's Official Site Distributes Malware to Windows and Linux Users in Major Supply Chain Attack
Key Findings JDownloader's official website was compromised between May 6-7, 2026, serving malicious installers to Windows and Linux users instead of legitimate software Attackers deployed a Python-based remote access trojan (RAT) that gave them remote control over infected systems, with an 8-minute execution delay The breach was limited to the Windows "Alternative Installer" and Linux shell installer; macOS, in-app updates, and package managers remained unaffected Attackers
May 103 min read
JDownloader Site Compromised: Malicious Installers Distribute Python RAT Malware
Key Findings JDownloader's official website was compromised on May 6-7, allowing attackers to distribute malicious Windows and Linux installers The attack exploited an unpatched CMS vulnerability that allowed unauthorized modification of access control lists without authentication Only alternative installers were affected; macOS versions, core JAR files, and in-app updates remained secure due to separate infrastructure and cryptographic verification Users who downloaded compr
May 102 min read
bottom of page
