Just for those that didn’t see this: https://blog.malwarebytes.org/news/2015/11/has-macupdate-fallen-to-the-adware-plague/
$ strings /Volumes/MacUpdate\ Installer/MacUpdate\ Installer.app/Contents/bin/AssetsChanger | grep browser
18BrowserTools_Opera
19BrowserTools_Safari
19BrowserTools_Chrome
MacUpdate has decided to sell out their good name and lie down with the scummiest hijackers on the internet by allowing downloads to be delivered as an app instead of the actual payload. I guess Skype was too big a product to hijack, and so they’re only doing it for every other app, like, say, the little-known Firefox web browser. Which the don’t show as the first search result, which they sold to Chrome. What happens when you try to download Firefox? It instead delivers a ‘MacUpdate Installer’ app, white-labeled from a third party malware distributor, which surreptitiously sneaks browser extensions onto your computer. They even went so far as to spin it as a GOOD THING™ for customers in a blog post which then got pulled once the hubbub started. (Saved here for posterity.)
Update November 15, 2015:
They’ve stopped intercepting Firefox(just as before with the Skype example), but it’s not a long search to find other apps, like that barely-used product Dropbox nobody’s heard of. They’ve also publicly admitted that they have their priorities in the wrong order and don’t mind the comparison to similarly sleazy sites.
Warn your friends and family against their site and let’s not support this type of ass-hattery.
I’m not seeing this behavior when I download apps from MU…. I tried FireFox just now and got the expected Firefox 42.0.dmg at ~80.1MB. Did they turn off this “feature”?
They’re backing away from it for more attractive targets it seems. Calibre(the ebook reader, http://www.macupdate.com/app/mac/30657/calibre) is still hijacked. I’m seeing a confession that they recognize the outrage and are being upfront about prioritizing their bottom line over providing a valuable service. http://support.macupdate.com/status-update-installers-macupdate-com/
Bummer. MU used to be the best. Maybe the Mac App Store has taken such a big bite out their business that they’ve had to resort to such measures. Needless to say, this will only hasten their demise. 🙁