BitTorrent serves malware directly from website - no need for P2P!

[Jack]

According to a really-ought-to-be-more-visible warning on the download pages of bittorrent.com and utorrent.com, a breach of the two servers resulted in a two-hour window in which downloading BitTorrent's software would have given you a fake anti-virus program instead.

BitTorrent, Inc. identifies the malware as belonging to the Security Shield scareware family.

Confusingly, the BitTorrent blog has recently been updated to claim that the software available from the bittorrent.com URI was not affected, implying that only those who downloaded utorrent during the infection window would be at risk.

Since the two sites share the same network infrastructure - both resolve to the same IP number in Limelight Networks' cloud - you might want to ignore that blog update and assume that any recent downloads from Bittorrent, Inc. were dodgy and give yourself a thorough anti-malware checkover.

Read more

 

[Jack]

This is the edited announcement from the BitTorrent blog :

 

[Deleted member 178]

used utorrent since long time ago so im not one of the victim

 

[win7holic]

i never use BitTorrent again.

 

[MetalShaun]

Happens to the best of us.

 

[jamescv7]

On my parents laptop has utorrent but an old version so good to see the laptop isn't infected.

 

[Ink]

There's nothing wrong with uTorrent client software.

Would this have only affected direct downloads from their website and not from the built-in updater?

Thanks

 

[MetalShaun]

Yep just downloads of the client from their website.