{% trans -%}
=========================
Malware at i2pbrowser.net
=========================
{%- endtrans %}
.. meta::
   :date: 2014-02-16
   :excerpt: {% trans %}The site i2pbrowser.net is a fake I2P website mirror serving up malware for Windows.{% endtrans %}

{% trans -%}
We have recently been made aware of the existence of i2pbrowser.net. This
website copies our homepage and download page, and attempts to trick users into
downloading Windows malware.
{%- endtrans %}

{% trans -%}
There are several indicators that point to i2pbrowser.net being a malware site:
{%- endtrans %}

- {% trans %}The domain was registered on February 10th, 2014.{% endtrans %}
- {% trans %}The download URLs for Windows, Mac OSX, Linux, Android etc. all link to the same .exe file.{% endtrans %}
- {% trans %}The .exe is only 741 KB; the official Windows installer for I2P is 13 MB.{% endtrans %}

{% trans -%}
We have not examined the malware ourselves, but it does not appear to be very
sophisticated; it is not integrated into or bundled with the I2P software.
Information security expert `Lance James`_ posted `a tweet`_ labelling it as
"a standard dark comet rat".
{%- endtrans %}

{% trans -%}
Spread the word. The only official download locations for I2P are linked on our
`download page`_. All I2P download packages are GPG-signed by the
`release signing key`_.
{%- endtrans %}

.. _`Lance James`: https://twitter.com/lancejssc
.. _{% trans %}`a tweet`{% endtrans %}: https://twitter.com/lancejssc/status/434768667310821377
.. _{% trans %}`download page`{% endtrans %}: {{ get_url('downloads_list') }}
.. _{% trans %}`release signing key`{% endtrans %}: {{ site_url('get-involved/develop/release-signing-key') }}