PDA

View Full Version : Misc bittorrent.com, utorrent.com hacked, Malware inserted into download


Mr. Laz
09-13-2011, 07:16 PM
Bittorrent.com's software download hacked to serve malware


File-sharing with fake AV

By Dan Goodin (http://forms.theregister.co.uk/mail_author/?story_url=/2011/09/13/bittorrent_malware_hack/) Get more from this author (http://search.theregister.co.uk/?author=Dan%20Goodin)
Posted in Malware (http://www.theregister.co.uk/security/malware/), 13th September 2011 21:53 GMT (http://www.theregister.co.uk/2011/09/13/)

Attackers hijacked two popular Bittorrent websites and tampered with their download mechanisms, causing visitors trying to obtain file-sharing software to instead receive malware.

The hacks on bittorrent.com and utorrent.com replaced the sites' standard software downloads with a piece of fake antivirus software known as Security Shield, an advisory (http://blog.bittorrent.com/2011/09/13/security-incident/) warned. Anyone who downloaded and installed software from those sites between 4:20 a.m. California time and 6:10 a.m. should scan their systems immediately for infections.
<noscript> http://ad.doubleclick.net/N6978/ad/reg_security/malware;tile=2;ct=ns;unitnum=2;pos=top;dcove=d;sz=336x280,300x250,300x600,336x600;ord=9Tm-xZcCoATgAAGWfehcAAAMa? (http://ad.doubleclick.net/N6978/jump/malware/malware;tile=2;ct=ns;unitnum=2;pos=top;dcove=d;sz=336x280,300x250,300x600,336x600;ord=9Tm-xZcCoATgAAGWfehcAAAMa?) </noscript>
Once installed, Security Shield delivers false reports that a computer is infected with multiple pieces of malware and prompts the user for payment before claiming to disinfect the machine. The attack affected only users who downloaded and installed software from bittorrent.com and utorrent.com during the hour-and-fifty-minute window that the sites were compromised. Those who installed software previously are unaffected.

"We take the security of our systems and the safety of our users very seriously," the Bittorrent advisory stated. "We sincerely apologize to any users who were affected."

pr_capone
09-13-2011, 10:25 PM
"Good, fuck the pirates" post in 3... 2... 1...

MoreLemonPledge
09-14-2011, 02:22 AM
WHERE'S DANE

RiversRunRed
09-14-2011, 09:12 AM
Security Shield forced itsef on my computer a couple of months ago.

Fucking evil shit, its the computer version of the burning aids tree.

Short Leash Hootie
09-14-2011, 02:38 PM
that's why I'm thankful I have iptorrents! Great, private site.

DJ's left nut
09-14-2011, 02:42 PM
Security Shield forced itsef on my computer a couple of months ago.

Fucking evil shit, its the computer version of the burning aids tree.

I got that damn thing once when I was doing fantasy baseball research. As far as I know, I wasn't even downloading anything.

I'll tell you this - that !@#$er is clever. It sets your desktop icons to invisible, tells your computer to hide all invisible icons and fires up a bunch of fake processes to slow your computer down. Then it changes your background screen to black through your bios stuff.

It's a genius little bit of malaware and it took me 2 days to figure out how to get rid of the MFer. I mostly just had to keep locating stuff, deleting it, and doing system restores from safe mode until it finally started firing again. I tried so much different crap that I don't even remember exactly what I did to get it.

That thing is just evil.

Mr. Laz
09-14-2011, 03:00 PM
that's why I'm thankful I have xxxxxxx! Great, private site.
shhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh

blazzin311
09-14-2011, 05:24 PM
that's why I'm thankful I have iptorrents! Great, private site.

I would have to agree with this. Actually I suppose I have a couple of invites I could offer up here on CP for anyone who's interested. Send me a pm....first come first serve should be fair enough.

kaplin42
09-14-2011, 05:38 PM
that's why I'm thankful I have iptorrents! Great, private site.

This plus a seed box FTMFW.