BitTorrent web downloads hijacked to push fake antivirus

Company admits uTorrent P2P program compromised

The publisher of the uTorrent file-sharing program has admitted to suffering a major security breach that allowed attackers to substitute downloads of its client for malware pushing fake antivirus software.

Anyone who downloaded its uTorrent program between 4.20am Pacific time (12.20pm BST) and just after 6am on 13 September will have been downloading the Security Shield scareware program, which pesters the user to pay for protection against non-existent threats it claims to have detected.

Originally, the company believed that both BitTorrent and the cut-down uTorrent clients had been affected, but a later clarification said that the former was not now thought to be involved.

"Clarification: This only affects users who downloaded software specifically from utorrent.com between the hours above this morning. Users who previously downloaded our software are not affected," said a company blog.

"After further analysis, we don't believe BitTorrent.com or the BitTorrent Mainline/Chrysalis clients were part of the incident."

Not everyone is totally convinced by this statement, starting with said Paul Ducklin of Sophos..

"Confusingly, the BitTorrent blog has recently been updated to claim that the software available from the www.bittorrent.com URI was not affected, implying that only those who downloaded UTorrent during the infection window would be at risk," he wrote in a comment article.

"Since the two sites share the same network infrastructure - both resolve to the same IP number in Limelight Networks' cloud - you might want to ignore that blog update and assume that any recent downloads from Bittorrent Inc. were dodgy and give yourself a thorough anti-malware checkover," said Ducklin.

Although the fake antivirus concerned should be relatively easy to block for an up-to-date antivirus program, users might be tempted to ignore warnings as false positives. Once installed, it is also possible that the Trojan could call further malware.

The company hasn't said how its security was breached, merely that one of its web servers was involved.

The involvement of BitTorrent is ironic given that the network itself has in the past been used to distribute malware, usually in the form of programs masquerading as genuine but pirated software.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags sophosbittorrentPersonal Techsecurity

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

John E Dunn

Techworld
Show Comments

Essentials

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?