Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trojan Found At Torrent Sites Insists "Downloading Is Wrong"

Posted by Soulskill on from the attack-of-conscience dept.

NoisySplatter writes "Ernesto, founder of TorrentFreak, reports that a new trojan, 'Troj/Qhost-AC,' has been distributed on The Pirate Bay. The virus was disguised as a serial key generator, and the offending torrent has since been removed, but the source has not been identified. Troj/Qhost-AC makes changes to the user's hosts file that redirects The Pirate Bay, Suprbay, and Mininova to 127.0.0.1. In addition to making three popular torrent sites inaccessible, the virus also plays a sound file that says: 'downloading is wrong.' It looks like someone has finally stepped up to the plate to challenge Madonna for the title of 'Most Obnoxious Anti-Piracy Stunt.' Of course, this could just be the software industry's attempt at outdoing the RIAA and MPAA."

3 of 345 comments (clear)

  1. Re:Keygens by Anpheus · · Score: 4, Informative

    Virtual machines baby, boot it up, run the keylogger, run the install up to the point where it gives you whatever you need to install, and then reset the hard drive state.

  2. Re:First? by kdemetter · · Score: 4, Informative

    Well , the trojan has been removed , and i'm sure the user uploading has also been identified and banned.

    If it changes the hosts file , it's easy to identify, and remove.

    We get trojan and virus uploaders all the time, and they are removed at first sight, so this is nothing new, and nothing TPB can't handle.

    --
    Slipping shoelaces ?
  3. Re:Keygens by Anonymous Coward · · Score: 4, Informative

    That is actually a very bad idea. Many default installs of Wine offer access to your entire filesystem (including your home directory). Wine is not a isolated environment like most VM's are. It lets you run Windows applications as native binaries, including viruses and trojans with many of their effects still intact. It is very possible to infect a Linux machine with malicious Windows binaries running in Wine.

    Personally I have never seen a real keygen that did anything other than it was suppose to. There are some flat out trojans like this article is talking about but I have never seen a working keygen that was malicious. With that said, there is always a first time. I would only run them in a VM and with networking disabled too. Wipe/reset the VM back to a known state afterwards of course.