Fake Gaming Torrents Download Unwanted Apps Instead of Popular Games

Reader Orome1 writes: If you're looking for torrents to download pirated copies of popular games, be extra careful not to be tricked into downloading malicious and unwanted software instead. According to Symantec researchers, who have been trawling popular torrent websites, there's an active distribution campaign going on that delivers potentially unwanted apps posing as torrents for games like Assassin's Creed Syndicate, The Witcher 3, World of Warcraft: Legion, The Walking Dead: Michonne, and several others. At first glance, the torrent does not seem suspicious -- its size is as small as expected from a torrent file. After saying "Yes" to the UAC security dialogue that asks if they are sure they want to allow the program to make changes to the computer, users end up with a file downloaded from a Google Drive -- a file that is considerably larger than a torrent file (around 3.5 MB) and is obviously an executable.

Old News

[HumanWiki]

Not even close to a new concept and has been done since back in the days of KaZaa, eMule, Napster, Morpheus, etc.

Re:Old News

[Yvan256]

Everything old is new again.

Re:Old News

[Mashiki]

Even older then that. This was happening back in the 90's when usenet was the main source of downloading everything.

Re:Old News

[rtb61]

It really makes no sense any more though, why bother a little bit of patience and http://whenisthenextsteamsale...., you end up with games you have bought and simply don't get around to playing because, so, so many games and so little time (let alone the time vacuum of free to play MMOs). No hurry to buy new games because there are so many old games I have yet to play. It's like kids stealing stuff, just to steal stuff, even though they just throw it away (the pleasure of the risk over any value from the reward).

What has become of this world?

[narcc]

Downloading software from shady online sources is suddenly risky? Say it isn't so!

Where's the "noshit" tag when you need it?

[xxxJonBoyxxx]

>> Fake {Software/Media} Download(s) Unwanted Apps Instead of Promised {Software/Media}

Where's the "noshit" tag when you need it? This has been going on since the bulletin boards and floppy exchanges, if not longer.

A brain-dead presser like this make me wonder if anyone at Symantec even remembers Anna Kournikova.

Don't be dumb

[just+another+AC]

But that Nigerian prince seemed so nice!

People on the internet will try to take advantage of you. I am shocked.

(and this was the number one infection vector in the 90s... so this being news is like a patent being new because it is "in the cloud")

Hmm

[The+MAZZTer]

Not clear to me how it goes from being a torrent file to a file downloaded from Google Drive. My only guess is it's not a torrent file but a .url file which lniks to the .exe mentioned. And this is incredibly easy to detect simply by knowing what you're expecting to get, and aborting when you see something unexpected (eg it's not actually a torrent file. the "torrent" didn't download what I expected, what it actually downloaded is incredibly suspicious). There are multiple opportunities to avoid getting infected, including the UAC dialog mentioned which should be a HUGE red flag.

Even headline is annoyingly "modern" for old story

[flitty]

They're not Unwanted "APPS", they're malware. You don't need to call everything an App. This story reads like someone who just found out that "unsubscribing" from spam is a bad idea. Also, you've got to be pretty, pretty dumb to run a 3.5 MB .exe file that calls itself "Witcher 3". Like, that's beginner level internet surfing 101.

Never gonna give you up

[MobyDisk]

Never gonna give you up,
Never gonna let you down,
Never gonna run around...

My favorite rick-roll of all time was when my brother bought a mod chip for his Nintendo DS, hacked it, installed the appropriate firmware, spent days downloading a torrent, went through a whole bunch of hacks and configuration steps, only to hear that amazing tune...

Re:That's what you get for piracy

[TheRaven64]

So don't buy them. I stopped buying games for quite a few years because I wasn't willing to put up with the DRM that they included. I realised that if I pirated them, then I'd talk about them, which might lead other people to buy them, and so I'd be supporting the publishers, albeit indirectly.

Then gog.com launched and now I have bought a load more games than I have time to play. I can download a stand-alone installer for any of them, which I can back up and install on any computer that I own without needing an Internet connection. There's simply no excuse for pirating games these days.

For everyone confused by this...

[Gibgezr]

The "torrent file" that is downloaded is always a tiny file, it's a descriptor for the torrent you wish to join. It's like a URL (but it is not a URL). The way downloading torrents on Windows works is often:
1)Download a "torrent file".
2)Open the "torrent file", which causes Windows to do a file association, which has it open your torrent application and feed it the torrent file. You join the torrent swarm and start uploading/downloading.

Step 2 is the weakness: if you download something purporting to be a torrent file that is instead an executable, you might mistakenly allow it to run when you open it. The UAC will kick in and warn you, but still, shit happens.

Re:What's not suspicious about that?

[Qzukk]

So now people are clicking on boobs.jpg.doc.wmv.torrent.exe?

It's Windows 10, has microsoft stopped hiding the .exe extension yet?