Orbit Downloader

Developer(s) Innoshock
Initial release 8 November 2006; 17 years ago (2006-11-08) [1]
Final release 4.1.1.19 [2] / 17 January 2014
Operating system Microsoft Windows
Platform IA-32
Type Malware [3] [4] (originally download manager)
License Malware [3] [4] (originally adware [5] )
Website orbitdownloader.com (Offline)

Orbit Downloader is a discontinued download manager for Microsoft Windows. Launched in 2006, its developers abandoned it in 2009. [4] In 2013, Orbit Downloader was classified as malware by antivirus software after ESET discovered a botnet in the application. [3] [6] [7] [4] [8]

Features

One of the main features of the program is its ability to grab and download embedded Flash Video files from online video platforms. [9] Orbit Downloader also accelerates downloads by acting as a peer-to-peer client, utilizing bandwidth of other users.

Orbit Downloader supports downloading from HTTP, HTTPS, FTP, Metalink, RTSP, MMS and RTMP protocols. Orbit Downloader supports Internet Explorer, Maxthon, Mozilla Firefox and Opera web browsers. [9]

Funding and malicious conduct

Although Orbit Downloader is free, it is an advertising-supported product: during installation it offers to change the web browser's homepage and to install software that is not critical for its operation. [5] It has also begun to display built-in ads inside the program's main window and in the dialog that appears when a download finishes. [citation needed]

On 21 August 2013, the WeLiveSecurity blog, published by the ESET security company, reported that since version 4.1.1.15, Orbit Downloader includes a botnet-like module which performs DDoS attacks without the user's knowledge or permission. Because of this dubious behavior, it is being detected as malware. [3] [6] [7] Following this report, download websites BetaNews, Download.com, DownloadCrew, MajorGeeks, Softpedia and Softonic disabled its download. [4] [10] [11] [12] [8] Betanews attempted to contact the developers but discovered that their last blog activity had been in 2009 and the Orbit community forum has since been left to a spammer. [4]

References

  1. "Changelog". OrbitDownloader.com. Innoshock. 16 April 2010. Archived from the original on 27 July 2018. Retrieved 4 February 2011.
  2. "Orbit Rich Media Downloader Changelog". Archived from the original on 27 July 2018.
  3. "Orbital Decay: the dark side of a popular file downloading tool". WeLiveSecurity. ESET. 21 August 2013. Retrieved 21 August 2013.
  4. Williams, Mike (23 August 2013). "Orbit Downloader includes DDoS code, says ESET". Betanews.
  5. "Orbit Downloader 4.0.0.6". Softpedia. SoftNews SRL. 13 January 2011. Archived from the original on 10 August 2011. Retrieved 4 February 2011.
  6. Constantin, Lucian (22 August 2013). "Popular download management program has hidden DDoS component, researchers say". Computerworld. Retrieved 14 September 2018.
  7. "DDoS Weapon Found Hidden in Orbit Downloader". Infosecurity Magazine. 23 August 2013. Retrieved 14 September 2018.
  8. Clarke, Tom (23 August 2013). "Orbit Downloader contains trojan – downloads blocked". Softonic.
  9. "Features". OrbitDownloader.com. Innoshock. Archived from the original on 8 February 2011. Retrieved 4 February 2011.
  10. "Orbit Downloader". Download.com. CBS Interactive. Retrieved 28 December 2017.
  11. Thornton, Bob (23 August 2013). "Orbit Downloader 4.1.1.18". DownloadCrew.
  12. Kovacs, Eduard (23 August 2013). "Orbit Downloader Contains DDOS Component, ESET Warns". Softpedia. SoftNews.