uTorrent hacked, served malware

Powered by SC Magazine
 

Security charade.

Pirates got more than they bargained for yesterday when popular torrent client uTorrent was hacked and served malicious fake anti-virus.

The malware was injected into uTorrent.com servers at 4:20am Pacific Time yesterday. It was bundled with the torrent client for about two hours meaning anyone who downloaded the file may have been infected.

Once the client was installed, a prompt appeared to ask users to download fake anti-virus software called Security Shield.

“Just after [9.20am] we took the affected servers offline to neutralise the threat. Our servers are now back online and functioning normally,” a blog post from BitTorrent read.

“We have completed preliminary testing of the malware. Upon installation, a program called Security Shield launches and pops up warnings that a virus has been detected. It then prompts a user for payment to remove the virus. We recommend anyone who downloaded software between 4:20am and 6:10am Pacific Time run a security scan of their computer.”

The peer-2-peer site claimed neither BitTorrent.com nor the BitTorrent Mainline/Chrysalis clients were affected.

Sophos technology chief Paul Ducklin said those sites would most likely have been hit.

“Since the two sites share the same network infrastructure - both resolve to the same IP number in Limelight Networks' cloud - you might want to ignore that blog update and assume that any recent downloads from Bittorrent, Inc. were dodgy and give yourself a thorough anti-malware checkover,” Ducklin said in a blog post.

This article originally appeared at itpro.co.uk

 

Copyright © ITPro, Dennis Publishing


uTorrent hacked, served malware
 
 
 
Top Stories
Matching databases to Linux distros
Reviewed: OS-repository DBMSs, MariaDB vs MySQL.
 
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Who'd have picked a BlackBerry for the Internet of Things?
[Blog] BlackBerry has a more secure future in the physical world.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  70%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  10%
TOTAL VOTES: 696

Vote