- Oct 16, 2010
- 7,640
- 23
- 12,919
More information:
> Between May 06 - May 07.
Markdown (GitHub flavored):
Update 6:(21:18 - 07.05.2026) When?
Website with the alternative installers has been compromised on Wed May 06 2026 00:01:09 GMT+0000
Before that, the attacker did experiment on another dummy site on Tue May 05 2026 23:55:37 GMT+0000
Update 7:(22:03 -07.05.2026) As there has been question about 3rd party docker images. some docker images pull JDownloader.jar from different infra, not affected. Only website has been compromised.
Update 8:(23:09 -07.05.2026) Comparision/Diff of all files with offsite(rsnapshot in pull mode) backup has shown that only the two sites mentioned in update 6 have been edited/compromised.
The attack was about editing the website and replacing the alternative installer links with compromised ones, smartscreen does warn about execution of them due to missing digital signature.
> Between May 06 - May 07.
