Security News Campaign Using Fake Gaming Torrents Ramps Up, Spreads Malicious PUAs

Jack

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
Content source
http://news.softpedia.com/news/campaign-using-fake-gaming-torrents-ramps-up-spreads-malicious-puas-505164.shtml
campaign-using-fake-gaming-torrents-ramps-up-spreads-malicious-puas-505164-3.jpg


Symantec security researchers are warning of an ongoing malware distribution campaign that leverages interest in gaming piracy to install PUAs (Potentially Unwanted Applications) on users' PCs.

The company detected websites offering popular games for download in the form of a fake torrent file. When users attempted to download this fake torrent file, they would receive a small script that tried to execute automatically.

This file uses an icon that looks like the regular logo of the uTorrent BitTorrent client, making users believe it's a legitimate torrent file.

Windows UAC would be able to stop the attack, if not for users

In normal circumstances, the script would be stopped by the Windows UAC (User Access Control) system. The hackers took precautions against this by providing instructions prior to the script's download, telling users they have to allow the script to run, despite the UAC warning [pictured below].

If users allow this, the script would open the user's browser, navigate to a URL, and download another file.

This file contains the name of the game the user tried to download via the torrent file but packed as an EXE file.

Read more: Campaign Using Fake Gaming Torrents Ramps Up, Spreads Malicious PUAs
 
  • Like
Reactions: harlan4096, frogboy, Jrs30 and 2 others
Rishi

Rishi

Level 19
Verified
Honorary Member
Top Poster
Well-known
Dec 3, 2015
938
This is where virtualization (light or full-blown) can save the day, but better would be to avoid piracy or staying cautious with torrent downloads.Trying to save a few bucks might as well cost you something.
 
  • Like
Reactions: Jrs30 and frogboy
TwinHeadedEagle

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Noticed this couple of months ago while searching for some infection. On PirateBay, there were a lot of fake torrents. I saved a picture.

i135^cimgpsh_orig.png


23mb Battlefield 3 game :). When I executed that file it installed bunch of PUAs.

Notice number of people that downloaded it :D
 
Last edited:
  • Like
Reactions: jamescv7, xxtoss23, Captain Awesome and 5 others
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Windows UAC would be able to stop the attack, if not for users
Click to expand...

Yes for basic protection however threats are already smarter, in ransomware where can easily bypass UAC even click no.

So at that point, 3rd party programs must enforced.

For torrents, number of seeders + knowledge on the size of file you want to install in order to avoid issues. A typical torrent user should know this.



 
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • +Reputation
Fake zero-day PoC exploits on GitHub push Windows, Linux malware
Replies
1
Views
1,526
News Archive
upnorth
upnorth
silversurfer
    • Like
    • +Reputation
    • Wow
Fruity Trojan Uses Deceptive Software Installers to Spread Remcos RAT
Replies
4
Views
1,295
News Archive
Xeno1234
Xeno1234
Bot
Malware News Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites
Replies
0
Views
448
Security News
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top