In a major shock, popular Windows app Orbit Downloader has been identified as containing trojan-type software that allows users’ PCs to be used in ‘DDOS’ attacks online.
Security experts at ESET discovered the secret functionality built in to Orbit during a routine check. When run, Orbit Downloader silently connects to the internet and downloads config files. These files in turn instruct the computer to connect to web addresses. When such connections are attempted from millions of PCs simultaneously, they can cause a website’s servers to collapse and effectively shut that site down.
The experts at ESET believe that Orbit might have contained this code for some time. It’s currently unclear if the program or the developer’s website have been hacked to trick Orbit into behaving in this way.
Softonic’s security analysis also detected the threat and we have deactivated the download options for Orbit Downloader until further notice. We recommend that if you have Orbit Downloader installed, you should stop using it for the moment, and consider uninstalling the program until a safer version is made available.
A worrying aspect of this story is how such a popular piece of software could have been operating in this way – apparently for a long time – and apparently none of the major PC security companies noticed it. Even now, only 1 out of 23 scans on Softonic identifies the threat (that’s Kaspersky). What does this say about the quality of the scanning and testing being done by the big names in computer security?