Hackers Seed Torrent Trackers With Malware Disguised as Popular Downloads (grahamcluley.com)
An anonymous reader writes: Cybercriminals are spreading malware via torrent distribution networks, using an automated tool to disguise the downloads as trending audio, video and other digital content in an attempt to infect more unsuspecting victims. Researchers at InfoArmor say they have uncovered a malicious torrent distribution network that relies on a tool called RAUM to infect computers with malware. The network begins with a torrent parser, which collects information about some of the most popular torrent files circulating around the web. Computer criminals then apply their RAUM tool to create a series of malicious files. Some are fake copies of those popular torrent files that in reality hide notorious malware such as CryptXXX, Cerber, or Dridex. Others are weaponized torrent files, while others still are parsed torrent files that rely on a high download rating, a reputation which the attackers artificially inflate by abusing compromised users' accounts to set up new seeds.
I don't believe you.
Unless I'm missing something to this story, getting malware from a torrent seems like an already well known issue.
Omg it's 2001 again!
I thought I was reading a "this day on /." from like 2003.
Although it just occurred to me that there are adults who weren't even born when Windows 98 came out. Fucking hell.
Next Story: Hackers dupe limewire users into downloading malware disguised as music, underage pornography, and hilarious prank calls to Bill Gates.
Also it's just RIAA again probably
So?
Everyone knows that if you get files from less than legitimate sources that you are opening yourself up to this kind of thing.
It's been like that ever since people were swapping floppies with pirate copies of Doom.
The method might be new, but the risk has always been there.
If you don't want the risk, there are legal alternatives that aren't THAT expensive any more.
Hackers are distributing malware as popular warez? Stop the presses!
Is the submitter a child? This is nothing new and has been around as long as piracy has.
There have been keyloggers and other malware named as popular downloads and surely porn in torrent trackers for a long time.
And before that on USENET! History, it makes today not such a huge deal.
So are we talking sharks with lasers or more IED kind of torrents? Or are they astroturfing for "Hurt Locker"?
This sounds like the work of the MAFIAA
And in other news, water is wet, Hillary is still not in prison, and Donald Trump said something offensive.
The article seems to make a distinction between torrent hiding common malware, Dridex etc, and "weaponized" torrent files. What the actual fuck are they saying?
Hence no one downloads torrents. The problem has been fixed. So what else is going on today?
This has been happening for as long as piracy has been around. Just because it's happening "on torrents" doesn't make it any different than when it happened on Usenet, LimeWire, IRC, or any of the millions of other sources of pirated content. The same as adding "on a computer" to an existing invention doesn't make something a new and patentable invention.
This will only catch the REALLY REALLY stupid torrent users.
They're likely already infected with something anyway. Or will be soon.
Okay. Show of hands.
Does ANYONE think this is news? All I see scrolling down is a flood of "Duh."
Anyone? Anyone?
This has been going on since filesharing was a thing. It's what killed gnutella/limewire protocol. Torrents have always had this problem too, along with bogus large files pushed by content holders in an attempt to discourage piracy. Most get flagged and removed within hours.
Unless I'm missing something to this story, getting malware from a torrent seems like an already well known issue.
Yeah. What a bunch of niggers. It's like they only just now used their Obamaphones and public libraries to use internet!
more like RIAA/MPAA psyops bullshit to me.
This is pretty basic security stuff, but if you don't know if a file you want to download is malicious or not, download it within a virtual machine (or a jail, if you're using a BSD) that has no access to its host or Internet connection. If you need to move it to your host, only do so after you have tested it out while checking your VM's system log to make sure it's not doing anything suspicious. If you want to be extra safe, then you also want to use a mandatory access control (SELinux, AppArmor, etc.) to limit what the file can do.
Water is wet, Sky is blue.
ZDNet was alive and well, why are we shocked?
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
spreading malware via torrent distribution networks, using an automated tool to disguise the downloads as trending audio, video and other digital content
OK, so, you rename SuperBadVirus.exe to AwesomeMovie.avi.
Now what? Unless I run the avi file as an executable, which it's hard to believe many people are idiotic enough to do, your media player is going to attempt to load it as a video file, and fail to do so. But it won't run it as a native executable.
Or is it that they've found some buffer overrun or whatever that can be exploited by an actual video file? In which case, for what player? That would be specific to the format and the player and codec in question, so it's meaningless without knowing the details, and anyway that's the interesting part, not how it was transmitted over the wire.
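Added example, not part of the comment above or of the linked article: a defender-side check for the renamed-executable case discussed here, comparing each downloaded file's extension with its leading bytes before anything is opened. The function names, the signature shortlist and the sample files are assumptions constructed for illustration.

```python
import os
import tempfile

# Leading-byte signatures of content that can run or unpack code. Constructed
# shortlist for illustration, not a complete signature database.
SUSPECT_MAGIC = {
    b"MZ": "Windows PE executable",
    b"\x7fELF": "ELF executable",
    b"PK\x03\x04": "ZIP archive",
}
MEDIA_EXTENSIONS = {".avi", ".mp3", ".mp4", ".mkv", ".wmv", ".flac"}
RUNNABLE_EXTENSIONS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".lnk"}

def sniff(path):
    """Return a label for executable/archive content, or None (hypothetical helper)."""
    with open(path, "rb") as fh:
        head = fh.read(8)
    return next((lbl for magic, lbl in SUSPECT_MAGIC.items() if head.startswith(magic)), None)

def audit_download(root):
    """Walk a download directory and return (relative_path, reason) findings."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            stem, ext = os.path.splitext(name.lower())
            content = sniff(full)
            if ext in MEDIA_EXTENSIONS and content:
                findings.append((rel, f"media extension, content is {content}"))
            elif ext in RUNNABLE_EXTENSIONS:
                hidden = os.path.splitext(stem)[1] in MEDIA_EXTENSIONS
                findings.append((rel, "double extension" if hidden else "runnable file"))
    return findings

def demo():
    """Audit a constructed sample download; returns the findings list."""
    with tempfile.TemporaryDirectory() as root:
        samples = {
            "AwesomeMovie.avi": b"MZ\x90\x00" + b"\x00" * 60,  # PE header, renamed
            "Episode01.avi": b"RIFF\x00\x00\x00\x00AVI LIST",  # genuine AVI header
            "Album.mp3.exe": b"MZ\x90\x00",                    # double extension
            "codec_setup.exe": b"MZ\x90\x00",                  # bundled "codec"
        }
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return audit_download(root)
```

A clean result only says the extension and header agree; it says nothing about a well-formed media file crafted against a specific player or codec, which is the other case the comment raises.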
and "weaponized" torrent files. What the actual fuck are they saying?
Someone misread .wmv as .wmd again?
I mean, c'mon, is that really a story?
Next we'll get to hear that water is wet, that Trump has said something controversial, that Hillary has lost some mails, that Apple has removed yet another standard plug from their system and that Sony has been hacked?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I would expect even /. to get that much right. Are my expectations too high?
slashdot: A failed experiment.
This is also happening on Kazaa. Watch out!
Torrents have been around for HOW many years now, and they just figured this out?
And those swarms have zero seeds and zero participants and fall off the bottom of search results so about 5 people get infected, if that.
Torrents are cleaner than SourceForge ad banners were before they got sold. But.. be afraid! Be very afraid!
You fucker. You had your chance app appy troll dude on other relevant posts, but we aren't listening now. We do see you're still alive.
The studios have had little black hat operations in their basements for decades. Around 2005 while working on a DRM solution for a big software company, I had the pleasure of working with one of these black hat studio basement operations.
The reason I say black hat is because everything described in this post, they were doing in 2005/6, and actually a lot more. Three guys in a basement, major studio, spreading malware / adware etc. in bunk torrents, running their own large honey pot torrent nodes. etc.
I highly doubt anything has changed except they are probably now much more sophisticated and probably work with some alphabet agencies on the side.
....they want their copy of "Diamond Age" back.
In related news, water is wet.
...it becomes possible to 'weaponize' an MP3, MP4, AVI, MKV or ZIP file. You shouldn't be downloading executables off torrents anyway. And read the comments before downloading.
"..One hosts to look them up, one DNS to find them, and in the darkness BIND them."