Anti-Virus Vendors Flag uTorrent and BitTorrent as a “Threat”, Again

show-Zi

Level 36
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
Most of the articles about torrents found in Japan are introduced as sources of illegal materials. There is no end to the number of people who feel as if they have found a treasure island and casually enter there.
There is no problem with the torrent itself. There are many things that are meaningful and harmless. However, many use it to obtain illegal material, and illegal material is often maliciously tampered with. There are unknown microorganisms and bacteria in the treasure island.
The article also mentions that there are such risks, but those who aspire to be treasures don't really care.
In light of this, I believe that it is not wrong to issue a warning that 'danger'.
 

DDE_Server

Level 22
Verified
Top Poster
Well-known
Sep 5, 2017
1,168
Used to use qbittorrent but using Tixati since few years.

1-Don't put your words in my mouth.

2- I didn't say frequently on video/audio, I said "way too many" . Did you cross those videos or audio files asking you to download the right codec? It is an old attack called "getcodec". I saw plenty.
Also, there is malware hidden inside those files (or more precisely malware using media files as camouflage), the attack is called "malsteg for malicious steganography" and lastly but more rarely, the media file malware can be used for fuzzing the player, creating a bug in it allowing code injection in its memory space.

4- UAC only prevent privileges escalation, if the malware doesn't require it, UAC won't trigger.

Antivirus only detect what is active on the disk, fileless malware which mostly run in memory won't be detected. Few AVs block exploits, macros or scripts. Compromised or malicious sites will load code and aren't detected unless discovered. I don't even mention signed malware.

Scanners are only useful if a signature exist, not If the file is obfuscated or is a true zero-day.

About FWs, malware can inject its code into a legit process previously whitelisted by your firewall. So the malicious connection will be created (unless the FW has some sort of IDS/IPS and can analyze packets, those features aren't usually in home users products)

How do you know if those infect you? By using some tools, but mostly having knowledge and knowing your system behavior, which is lacking for 90% of average users. For example, i have a static system, I can tell when my system behave improperly or when a "never seen before" process just appeared from nowhere.

Now at your credit, having all those factors embedded in the same media file is uncommon but not impossible.
I can say media files start to become interesting for malware writters, videos and photos are the new drug of the masses. People will run them without any suspicions. Luckily you seems to have some security basics which makes you a bad candidate but I can't say the same for billions others.

Remember we (security forums people) are a microcosm, we are like martial artists able to disarm an armed opponent with our bare hands, most people aren't, so your security strategy mentioned above don't applies to Average Joe.


I hope I answered some of your questions.
This post should be Pinned you are truly knowledgeable. would you recommend some books to read about such these advanced malware attacks ???

For Example i am using Qbittorrent to download Anime Epsoides from Nyaa i think something like that is safe although i use VPN while doing that
 
F

ForgottenSeer 823865

The clients are harmless (at least most of them)
This post should be Pinned you are truly knowledgeable. would you recommend some books to read about such these advanced malware attacks ???
You don't need any books, all is on the net, you just need some Google-Fu. You will find tons of reports and pdf about new malware , explanations on how is their attack chain, etc...

For Example i am using Qbittorrent to download Anime Epsoides from Nyaa i think something like that is safe although i use VPN while doing that
So do i, downloaded the full Bleach series :p
The VPN is just a decoy, but still useful, the risks are in the downloaded files themselves; and you can't be 100% sure the file is clean. reason i see them in a sandboxed player but if a very sophisticated attack is made via the video, it won't help much.
The best parade is a the good ol backup of the system; you feel something is wrong, restore the backup , better lose 30mn than being infected.
 

DDE_Server

Level 22
Verified
Top Poster
Well-known
Sep 5, 2017
1,168
The clients are harmless (at least most of them)

You don't need any books, all is on the net, you just need some Google-Fu. You will find tons of reports and pdf about new malware , explanations on how is their attack chain, etc...


So do i, downloaded the full Bleach series :p
The VPN is just a decoy, but still useful, the risks are in the downloaded files themselves; and you can't be 100% sure the file is clean. reason i see them in a sandboxed player but if a very sophisticated attack is made via the video, it won't help much.
The best parade is a the good ol backup of the system; you feel something is wrong, restore the backup , better lose 30mn than being infected.
i am sure you will enjoy bleach. i think you may watched naruto also :)
yes iam making backups using AOEMI regularly
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top