Report it to safe search so chrome starts blocking the page.

In the github issues the dev is aware of this but he's not completely enraged, just mildly infuriated that the design is too similar and he's politely asking to have a different design.

From the history in the wayback machine i don't see any "parking" page between the switch, so my guesswork is that the dev has been approached with an offer like "we like that domain, we would like to buy it for $$$", unaware that they would copy the design like that in order to achieve maximum deception of users

If you contact the .org registry they'll take it down. .org is for non-profits

The benefit of using a package manager like Winget, brew, apt, snap, fdroid is that these attacks are less likely especially with doubly signed reproducible builds like fdroid

Scummy practice by Zamzar. The actual FOSS app by Adrien Allard is awesome and very lightweight. https://file-converter.io is the correct FOSS version URL.

Unfortunately this isn't uncommon. This us part of the reason I stopped using Google

It seems it's not so much they stole the domain, it's that they are using the same name with a different top-level domain. This is a common shady practice in malware. Most people can't afford to purchase every TLD or their domain and so just pick one or two. Problem is that search engines will find the bad TLDs and suggest them over the real TLD if the malware providers do proper SEO manipulation. A FOSS author is unlikely to be able to or afford the time and effort it takes to manipulate search results and most popular search engines are not doing much to fix the problem, and instead relying on "AI" to reduce the costs of maintaining their search results, which does a pretty bad job, IMHO.

The domain for my country is .ar and most sites that use said domain use .com.ar

Someone registered com under the .com.ar domain so if you add .com.ar to any url that ends in .com you get redirected to their adware site

Mildly infuriating? Sounds more like genuinely criminal

.io vs .org? Different website, old, legitimate domain still intact yes?

This is why I refuse to use any download buttons on websites for FOSS apps; if it’s FOSS, it has a link to the source, which has releases, and is the safest way to ensure you’re getting what you actually want.

There was a great windows app called 'dvdshrink' that let you rip commercial DVDs onto blank DVDs (shrinking them if necessary). It got taken down with a Cease & Desist, but the MPAA or whoever didn't worry about who took the domain. For a long time, the site was just filled with ads instead - now it's a bit more sophisticated: no real link to download the software, but lots of genuine-seeming donation requests.

The fake site is at the first search result for that software (edit: it's probably best not to link directly to it)

I'm guessing it's the one on the left that's new.

This is always what scares me about FOSS having their own websites like this. What happens when that domain runs out and this exact thing happens???