WARNING - Fake Website pretending to be Sublime Text


I made the stupid mistake of clicking on the first link I saw when searching for Sublime Text, and opened the zip file they sent as the supposed editor software. Make sure you do not go on this site or download any files from there.

BE WARNED this site looks like a clone of the real one.



I found that website. The URL is “sublimetextdotdigital”. I spelled it out so it won't convert into a link in this reply. It's from Russia. It was an absolute clone of the real Sublime site. I went to download and installed the exe file and it did nothing. I did it again and it did nothing. I then got suspicious of the site and started poking around. Luckily and unfortunately the PC I installed it on was a new PC with a fresh copy of Windows on it. Luckily it was nothing to wipe clean. Unfortunately that was the last of tons of software I had just installed on a workstation before I created a fresh image. So once I figured out that exe was fake I pulled the plug and wiped clean. A lot of time down the drain but caught it in time. The way I really knew it was fake was when I hit the “Support” link in the main nav and it was a 404. These chumps even did paid Google ads as the screenshot shows above. That's what got me. If you look at the screenshot, the URL next to the “Ad” word can be made to show whatever URL you want when you create that paid ad with Google.




I managed to fall for the same. I realized it after about 3 to 5 minutes. I was working on a virtual machine, and I shut it down and deleted it. I am worried now about whether whatever malicious payload was there might have infected network files to which the VM had access, or other devices / PCs on the network.

Does anyone have any idea of what that app might really be?

Hope no other people make the same mistake.

What would it be possible to do to get it removed? Can Google be contacted about this?



P.S. The fake installer comes as a zip file with several contents. I have re-downloaded it on a different PC without opening / installing the contents. A Norton scan does not reveal anything - but perhaps there is just something too new in it for Norton to know :(