SourceForge, once a trustworthy source code hosting site, started to place misleading ads (like fake download buttons) a few years ago. They are also bundling third-party adware/malware directly with their Windows installer.
Some project managers decided to leave SourceForge – partly because of this, partly just because there are better options today. SF staff hijacked some of these abandoned accounts, partly to bundle the crapware with their installers. It has become just another sleazy garbage site with downloads of fake antivirus programs and such.
How can I help?
If you agree that SourceForge is in fact distributing malicious software under the guise of open source projects, report them to google. Ideally this will help remove them from search results, prevent others from suffering their malware and provide them with incentive to change their behavior.
As this story has been submitted several times in the past several days, by various submitter and is going around various other tech forums( https://news.ycombinator.com/i... , https://soylentnews.org/articl... , https://www.reddit.com/r/progr...