Malware is the bane of the Internet. Seriously, few things on the web are as dangerous as contracting malware, and few things are as time-consuming as the process of malware removal. Avoid at all cost.
And if there’s one habit that you must kill as soon as possible, it’s the carefree downloading of software from any and all sites. Today, free software download sites are one of the most common sources of bloatware and even malware.
1. CNET Download
Go around and ask people what they think of CNET Download — the site formerly known as Download.com — and most of them will probably tell you to stay away. You should heed that advice if you know what’s good for you.
CNET Download has been around since 1996, making it 20 years old at the time of this writing. It used to be the most popular download destination on the web, but in those two decades, the site has really gone downhill.
In 2011, the site introduced a download manager program called CNET TechTracker that was allegedly full of toolbars and bloatware, which was so bad that it was eventually flagged by security suites. Then in 2015, malware was found to be bundled with their installer files.
Can you download files safely from CNET Download? Yes, you can, but it’s risky. Few people trust CNET Download anymore and using the site is akin to crossing a minefield. Your next step could be your last.
Tucows is another free download site in the vein of CNET Download. What’s funny is that Tucows is actually older than CNET Download — by about three years. Started in 1993, Tucows is one of the oldest download sites in the world.
In 2008, Tucows announced that they would be shifting focus away from software downloads to diversify their business. It would go on to launch the Ting mobile service network, among other business ventures.
Since shifting focus, Tucows has been involved in a few malware-related incidents. For example, in 2010, it served malvertisements to visitors. And in 2015, Emsisoft found that Tucows served the most potentially unwanted programs with its downloads.
We recommend staying away. There are better sites out there with more up-to-date repositories and less malware to worry about.
Not to be confused with Softpedia, which is mostly reputable for what it is, Softonic is another ancient download site that has been around for a long time — since 1997 — and it’s actually foreign, based in Spain.
Starting in 2009, Softonic spearheaded several different distribution models, including the Softonic Toolbar and the Softonic Downloader. Even when users opted out, they were blasted with these kinds of unwanted programs, which is why Softonic has such a poor reputation now.
In 2015, the co-founder of CNET Download became the new CEO of Softonic. The Toolbar and Downloader were immediately dismantled and the site promised to dedicate itself to clean and safe software, but it’s still too early to tell.
Considering how poorly CNET Download has performed in terms of delivering clean and safe software, we recommend treating Softonic with similar caution and avoiding it until the site proves itself and walks the talk.
4. Public Torrent Trackers
Despite what a lot of people think, torrenting itself isn’t actually illegal. Indeed, there are plenty of legal torrents out there and they’re all valid and legitimate. But let’s be real: if you torrent, you’re probably doing it illegally.
We don’t condone the practice, but if you are going to download torrents, heed this warning. Public torrent tracker sites like ThePirateBay may contain malware.
For example, malvertising is a big concern where advertisements are used to distribute malware. Malware can also exist inside fake torrent downloads. If you download a movie and it says you need to install a special video codec, that “codec” is probably malware.
According to a 2015 study, users are 28 times more likely to contract malware from torrent sites than mainstream websites.
Long story short, torrents are risky. The risk goes down if you switch to using private torrent trackers but even those can be dangerous, if you aren’t careful.
5. File Hosting Services
Piracy exists in many forms. Torrenting is the most controversial and public form, of course, but file hosting sites make up a huge chunk of the piracy realm. Remember the now-defunct MegaUpload? Yeah, those sites.
Like torrent sites, file hosting sites are prone to malvertising attacks and downloads that contain malware, but they also have a third form of malware distribution: the fake download button.
We’ve all seen it before. You search for a pirated copy of a book or music album, for example, and arrive at a site like Turbobit or HugeFiles — only to see DOWNLOAD HERE all over the place. Here’s a good rule of thumb:
The bigger the download button, the faker it is.
We’ve written before on how to spot and avoid fake download buttons but these tricksters are constantly evolving and getting more deceptive. The only foolproof way to protect yourself is to avoid file hosting sites altogether.
6. Warez Exchange Forums
This one is sort of a corollary to the point directly above, but you should avoid warez sites as much as you can. For those who don’t know, warez are a form of piracy that mainly involves cracked software.
Warez are usually exchanged within a community, though these communities can be publicly accessible through search engines. Most often, warez exchanges exist as forums but use various file hosting services for the actual sharing.
The threats are the same here: malvertising, fake warez, and infected warez downloads.
7. The Windows Store
There are so many reasons not to use the Windows Store. The lack of many important and popular apps is a huge downside, but there’s also a plethora of dead and abandoned apps that simply don’t work anymore.
But most of all, it seems as if the Windows Store isn’t as impervious to malware as once hoped.
The two biggest selling points of the Windows Store are: one, it’s highly regulated to filter out scamware and malware, and two, apps run in a sandbox to prevent them from gaining access to system files and processes.
Well, we’ve known for a while that the Windows Store is full of scamware and deceptive apps, but the sandbox aspect has been pretty good… up until now, at least.
Not long ago, ZDNet discovered a Windows Store app that used an in-app advertisement to download unwanted software. Microsoft is doing its best to solve this security hole, but for now, you may want to avoid downloading anything from the Windows Store.
Which Download Sites Do You Avoid?
This isn’t a comprehensive list, but it’s an important starting point. Too many sites out there can deliver malicious trojans and worms to your computer and it’s your duty to be wary and vigilant. You can turn to the safest software download sites, but they’re not perfect, either. Do remain cautious!
What should you do when you discover malware on your system? Follow our step-by-step guide to fighting a malware infection.
Now you tell us: which nasty download sites do you avoid at all cost? What’s the worst bit of malware you’ve ever contracted? Share with us down in the comments!