Slashdot Mirror


Spyware Floods in Through BitTorrent

solareagle writes "Public peer-to-peer networks have always been associated with adware program distributions, but BitTorrent, the program created by Bram Cohen to offer a new approach to sharing digital files, has managed to avoid the stigma. Not any more, anti-spyware advocates warn. According to Chris Boyd, a renowned security researcher who runs the VitalSecurity.org nonprofit resource center, the warm and fuzzy world of BitTorrent has been invaded by a massive software distribution campaign linked to New York-based adware purveyor Direct Revenue LLC."

11 of 457 comments

  1. Oh, the Irony! by rueger · · Score: 5, Funny

    I will admit to being rather conflicted. On one hand, it really irritated me to discover that the app I downloaded (for testing purposes only!) would also install spyware.

    On the other hand who could I complain to? Bittorrent? Adobe? Direct Revenue?

    Yes, once again Slashdot comes to the rescue! Where else can I gripe about companies that try to exploit my illegal activities!

    1. Re:Oh, the Irony! by Master+of+Transhuman · · Score: 5, Informative


      These spyware programs that use the Registry to spawn renamed multiple copies of the spyware programs are a nightmare to get rid of.

      I had a client last night with the Backdoor.Agent.BA trojan which is incredibly hard to get rid of. There are plenty of varied instructions on the Net on how to detect it and find it, but the problem is deleting the DLL file. You can't delete it from the command line or from Windows - in Safe Mode or not (and of course if it's an NTFS system, DOS can't touch it - Linux with the Captive utility might be able to). Not only that, but the DLL does not EXIST in Safe Mode! It can ONLY be created and accessible during a normal boot - by which time you're screwed.

      The only way to delete it is to get a program called KillBox which will prompt for the filename, set itself to run on reboot before Windows is fully loaded, and then reboot Windows, deleting the file before Windows can lock it down.

      You also have to get into the Registry and delete a key which has an invisible value which is what causes it to recreate itself.

      I get my hands on the asshole who wrote this thing, he's gonna need medical life support for the rest of his life.

      --
      Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
  2. Shrug by The+Bungi · · Score: 5, Insightful
    Download something, install it on your machine. You get malware. Surprise. This has nothing to do with the fact that it's BT, because BT is open to everyone. It's the user's responsibility, as always. As with Kazaa, LimeWire and any other P2P technology or just downloading "that really cool screensaver" using your web browser.

    Of course this won't stop some people from blaming Microsoft somehow.

  3. They're number one financial backers by bigwavejas · · Score: 5, Insightful

    I wouldn't be surprised if the MPAA and RIAA are their number one financial backers, it was probably even their brainchild in an effort to chase would-be wrongdoers from downloading music or movies.

    --
    "Simplify, simplify, simplify!" Thoreau
  4. I call BULLSHIT by Jarnis · · Score: 5, Insightful

    Anyone with half a brain will NOT download a 'video file' that ends in .exe

    None of the real proper releases are 'infected'. Only way to get spyware is to be a moron and download some 'hot_paris_hilton_sex_video.exe'.

    There is no magic way to 'insert' spyware in bittorrent transfers. Tracker has the hash of the file, you cannot modify it. This is just a marketer seeding crap, hoping that idiots bite. Hook, line, sinker -style.

    1. Re:I call BULLSHIT by Andy+Dodd · · Score: 5, Insightful

      Still, if the result of un-RARing the file is an .exe when you downloaded video, any moron can tell that something is WRONG.

      Such torrents would quickly die from lack of seeders.

      So far, very few (if any) BT clients are bundled with spyware. Perhaps if you got them from an untrustworthy mirror, this would be different, but nearly every client is adware/spyware-free if you download it from a reputable source.

      With the exception of downloading warez (games/apps), there's almost no way anyone could sneak spyware/adware into a BT download. You just simply can't infect AVI/WMV/MPEG/MP3 files. Probably 50% of BT traffic (or more) consists of media files. Another 30-40% (at least) are Linux ISOs, which are also pretty damn hard to infect with spyware/adware.

      --
      retrorocket.o not found, launch anyway?
  5. Re:This is Dumb by failure-man · · Score: 5, Insightful

    BitTorrent already hashes the download with SHA1, so unless the Spyware industry has come up with some practical way to generate collisions it's not the pieces that are corrupt. It's the whole torrent.
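Editor's added example, not part of any comment in the thread: a Python sketch of the per-piece SHA-1 check discussed in comments 4 and 5. It shows that an altered piece fails verification, while a payload seeded with its own metainfo verifies cleanly, so the hashes say nothing about whether the publisher is trustworthy. The file names, the 16-byte piece length and the sample bytes are constructed for illustration.

```python
import hashlib

PIECE_LEN = 16  # tiny for the demo; real torrents use far larger pieces
RISKY_EXT = (".exe", ".scr", ".com", ".bat", ".pif")

def bencode(obj) -> bytes:
    """Minimal bencoder: ints, bytes/str, lists, dicts with sorted keys."""
    if isinstance(obj, int):
        return b"i%de" % obj
    if isinstance(obj, str):
        obj = obj.encode()
    if isinstance(obj, bytes):
        return b"%d:%s" % (len(obj), obj)
    if isinstance(obj, list):
        return b"l" + b"".join(bencode(x) for x in obj) + b"e"
    if isinstance(obj, dict):
        items = sorted((k.encode(), v) for k, v in obj.items())
        return b"d" + b"".join(bencode(k) + bencode(v) for k, v in items) + b"e"
    raise TypeError(type(obj))

def sha1_pieces(data: bytes, n: int) -> list:
    return [hashlib.sha1(data[i:i + n]).digest() for i in range(0, len(data), n)]

def make_info(name: str, payload: bytes) -> dict:
    """Single-file 'info' dictionary, as whoever publishes the torrent builds it."""
    return {"name": name, "length": len(payload), "piece length": PIECE_LEN,
            "pieces": b"".join(sha1_pieces(payload, PIECE_LEN))}

def bad_pieces(info: dict, data: bytes) -> list:
    """Indexes of received pieces whose SHA-1 differs from the metainfo."""
    want = [info["pieces"][i:i + 20] for i in range(0, len(info["pieces"]), 20)]
    got = sha1_pieces(data, info["piece length"])
    if len(got) != len(want):
        return list(range(max(len(got), len(want))))
    return [i for i, (w, g) in enumerate(zip(want, got)) if w != g]

def info_hash(info: dict) -> str:
    """SHA-1 of the bencoded info dict: the identity of the torrent."""
    return hashlib.sha1(bencode(info)).hexdigest()

def looks_executable(info: dict) -> bool:
    return info["name"].lower().endswith(RISKY_EXT)

# Constructed sample data, not real media or malware.
CLIP = b"constructed stand-in for video bytes " * 3
INSTALLER = b"MZ constructed stand-in for a bundled installer"

if __name__ == "__main__":
    clean, seeded = make_info("clip.avi", CLIP), make_info("clip.avi.exe", INSTALLER)
    altered = bytearray(CLIP); altered[40] ^= 1
    print(bad_pieces(clean, bytes(altered)), bad_pieces(seeded, INSTALLER))
    print(looks_executable(seeded), info_hash(clean) != info_hash(seeded))
```

The only signals that separate the two torrents are the file name in the metainfo and the info-hash, which is why checking the listed file names and where the .torrent came from matters more than the piece check itself.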

  6. Re:Warm and Fuzzy?? by dr_dank · · Score: 5, Funny

    It's funny to see BitTorrent now get their comeuppance. When you lie with snakes, you're going to get bit.

    How does it feel to get hoist by your own petard now?


    Feels just like making my bed and lying in it or lying with dogs and getting up with fleas. But not as embarrassing as painting myself into a corner or being caught with my pants down. A bird in the hand is wor#*NG(*(JF>SA

    POST TERMINATED: Cliche limit reached.

    --
    Where does the school board find them and why do they keep sending them to ME?
  7. They SHOULD get into trouble... by KingSkippus · · Score: 5, Interesting

    You bring up a real issue, not from an end-user standpoint, but from major corporations. Shouldn't these companies get into serious legal trouble? I can think of two ways right off the top of my head.

    First, if they're sticking adware on an illegal file and uploading it, don't the same laws apply to them uploading the illegal file? Is the **AA suing these companies along with 12-year-old kids? After all, it's adware-infested, but it's still an illegal file, right?

    Second, if they are modifying warez software, not only does the previous apply, but doesn't it fall under the protection of software that outlaws modifying binary code and distributing it without the publisher's consent? I mean think about it, this kind of thing not only supposedly denies companies revenue, but it can give them a serious black eye. What if people get the incorrect impression that an adware-infested version of a respectable piece of software is the real thing? All of a sudden, you have a really bad--and undeserved--reputation for distributing spyware on everyone's computers.

  8. THIS JUST IN-- by BitHive · · Score: 5, Insightful

    --File Transfer Protocol Used to Transfer Files. Story at 11.

  9. Fight back against Direct Revenue LLC by prezvdi · · Score: 5, Informative

    Don't bother calling their office. Don't bother emailing them for help. And no matter what you do, don't run their uninstall utility myPCtuneup - it simply installs more crap.

    Direct Revenue LLC is VC backed. Please, complain to the right guy.

    Insite Venture Partners
    Mr. Deven Parekh
    His desk number is 212-230-9216 and his real email address is dparekh@insightpartners.com

    May we waste as much of his time as he has of ours. How many people here spend hours "helping" their non-tech friends remove this crap . . .