Lesson Learned the Hard Way: Pay Attention to the Source of Your Downloads

Don Tennant

Save the sneers. I’m well aware that it was a rookie mistake that your grandmother wouldn’t make. I allowed myself to fall prey to the insidious malware known as Babylon by downloading Mozilla’s Firefox browser from a shady download site. I know, shame on me. I got what I deserved.

I take no solace in the fact that I’m not alone. You don’t have to do much of a search on ways to get rid of Babylon to find that there are a lot of other people out there pleading for help on support forums because they’ve been tearing their hair out trying to rid their systems of Babylon. It also becomes clear fairly quickly that a lot of people get it by downloading Firefox. If you happen to be one of them, don’t blame Mozilla, as I initially did.

Let me back up. Last week, my HP laptop died an early death (fodder for another post, perhaps), so I had to go through the ordeal of getting up and running on a new system really quickly. Fortunately, I had the bulk of what’s important to me backed up in the cloud, so at least I didn’t suffer a catastrophic loss of irreplaceable files. Most of the ordeal involved re-downloading programs. While I use Chrome almost exclusively as my browser, I like having Firefox installed because I use a couple of the plug-ins. So that was one of the many downloads.

Anyone who downloads programs for an extended period of time knows how mind-numbing it can be after a while. But let me warn you, if you allow yourself to stop paying attention to what you’re doing, you can end up paying a heavy price.

When I downloaded Firefox, I ended up with a “Babylon search” homepage and a Babylon toolbar. I was annoyed, but I wasn’t terribly bothered by it, because I don’t use Firefox all that much. I assumed I failed to uncheck an “install Babylon” box at some point during the installation process, and figured I’d delete it when I got around to it.

It wasn’t long before I realized I had a problem on my hands. To my chagrin, both Chrome and Internet Explorer began opening with Babylon tabs. My brand-new laptop was already infected with malware. I was beyond annoyed when I emailed Mozilla’s press contact to ask why they’re bundling something as insidious as Babylon without making that fact clear to unsuspecting users. Despite my presumptiveness, I received a courteous reply a few hours later from a Mozilla spokesperson:

To be clear, Mozilla does not bundle the Babylon Toolbar as part of Firefox downloads from Mozilla.org. The Babylon Toolbar gets bundled with the Babylon translation software and with other applications through third-party download sites. Babylon can be disabled from the Firefox Add-ons Manager—you must disable all three of the Babylon-related extensions. You can also attempt to reset Firefox. Directions for that can be found in this article: http://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-most-problems. Finally, always make sure you download Firefox from www.mozilla.org and encourage your readers to do the same.

I could have sworn I had downloaded it from the Mozilla site, so I went back into my browser history to check. It turned out I had downloaded it from this URL: http://mozilla-firefox.todownload.com/

What an imbecile. I had downloaded Firefox from “todownload.com.” After I beat myself up a little for being so absentminded, I did a little research on todownload.com. It’s a download site run by an outfit called WeDownload Ltd. in Nicosia, Cyprus.

The Firefox spokesperson said the Firefox license allows anyone to distribute unmodified versions of Firefox. But if anyone makes modifications to it, like adding toolbars, they take action to stop it. According to the spokesperson, Mozilla is currently looking into the todownload.com site.

The lesson learned is always pay attention to the source of your downloads, and avoid third-party download sites unless you have some assurance that you can trust them. Thanks to the folks at Mozilla for that important reminder.
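
The check that would have caught the URL above, as an added example that is not part of the original post or Mozilla's own code: it accepts a download link only when the host is mozilla.org or a subdomain of it and the link uses HTTPS. The trusted-domain list, the function name and every sample URL other than the todownload.com one are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the only domain accepted for Firefox downloads in this example.
# www.mozilla.org is the site the Mozilla spokesperson names in the post.
TRUSTED_DOMAINS = ("mozilla.org",)


def check_download_url(url, trusted=TRUSTED_DOMAINS):
    """Return (ok, reason). The host must equal a trusted domain or be a
    subdomain of one (matched on a dot boundary), and the scheme must be HTTPS."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:
        return False, "unparseable URL"
    if not host:
        return False, "no host in URL"
    # Compare whole DNS labels: a substring or plain suffix test would accept
    # "mozilla-firefox.todownload.com" or "notmozilla.org".
    if not any(host == d or host.endswith("." + d) for d in trusted):
        return False, f"{host} is not under a trusted domain"
    if parts.scheme != "https":
        return False, "trusted host, but not fetched over HTTPS"
    return True, f"{host} is trusted"


# Sample URLs: the first is the one from the post; the rest are constructed.
SAMPLES = [
    "http://mozilla-firefox.todownload.com/",
    "https://www.mozilla.org/",
    "http://www.mozilla.org/",
    "https://www.mozilla.org.downloads.example/",
    "https://notmozilla.org/",
    "https://www.mozilla.org@downloads.example/setup.exe",
]

if __name__ == "__main__":
    for u in SAMPLES:
        ok, reason = check_download_url(u)
        print("OK    " if ok else "REJECT", u, "->", reason)
```

Only the second sample passes; the last one is rejected because everything before the "@" is user information, so the real host is downloads.example.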

Sep 11, 2012 9:26 PM R. Lawson says:
The penalty for creating these types of malware and viruses is not severe enough. I say enough is enough. Find the webserver hosting todownload.com and send a predator drone after it ;-) I'm pretty tolerant of Iraqi WMD and Iranian "energy programs" and think we should not use force... but gosh darnit these hackers... Alright feels good getting that out of my system :-) So is Babylon really malware, or is this a case of a "helpful" website serving up installers and bundling with software you may or may not want (usually not)?
Jul 1, 2013 10:35 PM Ron Lewenberg says:
It is a rookie mistake. But the problem is the neglect, if not COLLUSION of GOOGLE and the other advertising companies. They could check the reputation of companies they allow to advertise. They could check links for ads. They could even ban advertising on keywords prone to bring up malware. They do none of this, because they either don't care about users getting viruses, or make money off it. Finally, they could open their API to allow Norton, McAfee, and AVG safe searches to search the ads. They refuse to do so. Google is complicit.
Nov 17, 2013 1:47 AM Robert Platt Bell says:
I almost got nailed by this as well. It was the #1 advertised site by GOOGLE and the first hit. Google does not "shade" advertised sites now, so I didn't notice it at first. But Malwarebytes did! It blocked the "todownload" malware and stopped it cold. Shame on Google. They will shoot themselves in the foot. Whatever happened to "Don't be Evil?" Seems like Google is more like Dr. Evil.
