TheWindowsClub News

TheWindowsClub Tech News covers the latest Microsoft Windows 10 news, along with other products & services like Office, etc.

Classic Shell is now safe to download again, after the hack

One of the main download mirrors of Classic Shell, a popular Windows freeware, was recently hacked for some 3 hours and was serving a hacked copy of the files. Classic Shell downloads on FossHub were trapped with an old-school software which actually infected the victims’ Windows PCs. The users who downloaded this malicious software from the website and ran them on their Windows 10 devices saw something which was very unexpected.

Their devices, instead of installing the expected app, were actually replaced with a code on the computer’s Master Boot Record (MBR). When the next reboot or power on happened the machine actually did not start up properly. Instead, it displayed a cheeky message. Even the drive’s partition table was likely to be damaged.

Classic Shell

Here is what the message after a reboot read:

As you reboot, you find that something has overwritten your MBR! It is a sad thing your adventures have ended here! Direct all hate to Pegglecrew (@cultofrazer on Twitter)

Classic Shell is now safe to download again

The affected users reported the issue and the same were acknowledged by the CS developer. Now, the Classic Shell home page displays a warning as below:

Attention! The download service for Classic Shell was hacked on August 2nd, and for a few hours it served an infected version of the installer. The malware corrupts your PC and makes it unbootable.

The current download link is safe. The website also gave an insight to the users on the whole scenario and offered instructions to fix the unbootable PCs. Additionally; the website also confirms that it is totally safe to download the latest Classic Shell 4, 30 which is hosted on Media Fire.

The new file has been uploaded to VirusTotal and has come out totally clean. It is suggested by the developer that the users check the file signature after the download and verify if it displays the name of signatory as Ivaylo Beltchev. This signature is legitimate and official and the hacked file will not display the Digital Signatures tab.

If you want to know more about the hack, click here.

Updated on Tags:

AnkitGupta@TWCN

Ankit Gupta is a writer by profession and has more than 7 years of global writing experience on technology and other areas. He follows technological developments and likes to write about Windows & IT security. He has a deep liking for wild life and has written a book on Top Tiger Parks of India.

Share via
Facebook
X (Twitter)
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap