One of the greatest things about an open source project is sharing the source code with everyone, and fixing bugs and adding new features as a community. However some time it gets abused.
In a recent blog post, VLC developer Ludovic Fauvet said that scammers are taking advantage of the availability of the VLC source code to trick users. The scammers are adding malware and adware to VLC and releasing them as the original product.
This is how the scammers work:
- They get the VLC code and add adware or malware.
- They release their version of VLC as the original.
- They buy advertisements using Google AdWords.
- They earn more money through the malware and adware bundled with their version of VLC.
- They buy more advertisements.
This is a direct violation of the GPL under which the VLC source code is being distributed. (Obviously the scammers do not care about license violation.) And more importantly, this tarnishes the VLC brand in the eyes of unsuspecting users.
This is what Ludovic Fauvet wrote:
What bothers us the most is that many of them are bundling VLC with various crapware to monetize it in ways that mislead our users by thinking they’re downloading an original version. This is not acceptable. The result is a poor product that doesn’t work as intended, that can’t be uninstalled and that clearly abuses its users and their privacy. Not to mention that it also discredits our work as volunteers and that it’s time-consuming, time that is not invested in the development.
Remember to download VLC only from the official repositories or the official website to be safe.
For obvious reasons, we will not link to those scammers’ websites here. However, this is not the first time that a popular open source project has been abused by scammers. Last year, Blender reported that scammers are rebranding their application and selling them.