News.Ycombinator
JDownloader Website Compromised to Distribute Malware to Users
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
The JDownloader website was hacked between May 6 and May 7, 2026, to serve malicious installers for Windows and Linux users. Attackers replaced legitimate download links with malicious payloads, specifically targeting the 'Download Alternative Installer' and Linux shell installer links. Users who downloaded these installers may have inadvertently installed a Python-based remote access trojan. The JDownloader team confirmed the breach after users reported issues, including malware being flagged by security software. The website was taken offline for investigation, and the malicious links were removed. The main JDownloader JAR file and other installation methods remained unaffected. The developers provided guidance for users to verify legitimate installers and shared hashes for the malicious files. The website was restored on May 9, 2026, after ensuring the integrity of the download links.
Key Points: • JDownloader website hacked to serve malware via compromised download links. • Users who downloaded installers between May 6-7, 2026, are at risk of infection. • Main application files were not affected; only specific download links were compromised.