ESET researchers recently found that Innoshock's Orbit Downloader, a popular download manager for Windows, contains additional code for performing denial of service attacks.

The additional code was added to Orbit Downloader sometime between the release of version 4.1.1.14 on December 25, 2012 and the release of version 4.1.1.15 on January 10, 2013.

ESET identifies versions of Orbit Downloader containing the attack code as Win32/DDoS.Orbiter.A.


"Given the age and the popularity of Orbit Downloader (it is listed as one of the top downloads in its category on several popular software web sites) this means that the program might be generating gigabits (or more) of network traffic, making it an effective tool for Distributed Denial of Service (DDoS) attacks," ESET distinguised researcher Aryeh Goretsky wrote in a blog post.

Following ESET's announcement, several file download sites have removed Orbit Downloader from their listings.