SourceForge has removed Binkiland, software believed to be malware by users of the open-source code repository, from its well of installer options for developers.
Roberto Galoppini, director of the SourceForge Community, explained that the company tries to review all of the third-party, paid-for-install software before it goes into its installer, but sometimes they have to review things after the fact. The culprit is the networks it contracts with to provide these third-party installers, he said. As SourceForge uses three different networks for these pieces of software, sometimes things like Binkiland make it into the installer from one network, only to be removed and to show up again on another installer.
Galoppini said that this is what happened here: Binkiland was removed by SourceForge from its installers last fall, only to reappear this winter. This software is included with FileZilla, the free FTP tool, and the FileZilla website directs users to the SourceForge download link as the main way to download the tool.
Galoppini went on the say that this installer is only present in 10 of the more than 500,000 applications hosted on SourceForge. It was created because the developers hosting their software on SourceForge were including their own installers with even worse third-party software, so SourceForge implemented its own optional installer to give developers a limit on how invasive the third-party installs could be.
The problems with Binkiland were the subject of a blog post on sdtimes.com on Friday.
A member of the Binkiland support team who identified himself only as Michael told SD Times in response to the initial blog post that “Binkiland can be easily and fully removed using a simple uninstall mechanism and doesn’t require any registry modification,” which SD Times noted. He added that “Binkiland is not a virus.”
A link that Michael said explains how to remove the software is provided here.