Language Selection

English French German Italian Portuguese Spanish

Spyware Floods In Through BitTorrent

Filed under
Security

BitTorrent, the beloved file-sharing client and protocol that provides a way around bandwidth bottlenecks, has become the newest distribution vehicle for adware/spyware bundles.

Public peer-to-peer networks have always been associated with adware program distributions, but BitTorrent, the program created by Bram Cohen to offer a new approach to sharing digital files, has managed to avoid the stigma.

Not any more, anti-spyware advocates warn.
According to Chris Boyd, a renowned security researcher who runs the VitalSecurity.org nonprofit resource center, the warm and fuzzy world of BitTorrent has been invaded by a massive software distribution campaign linked to New York-based adware purveyor Direct Revenue LLC.

"This is the marketing campaign to end all marketing campaigns," said Boyd, the Microsoft Security MVP (most valuable professional) known throughout the security industry by the "Paperghost" moniker.

In an e-mail interview with Ziff Davis Internet News, Boyd said rogue files have popped up occasionally in BitTorrent land but those were usually just random executables. "This is the first time I've seen a definite money-making campaign with affiliates, distributors and some pretty heavy-duty adware names," he added.

Boyd said he got the first inkling that BitTorrent was a major adware distribution vehicle while searching for the source of Direct Revenue's Aurora, an adware program that includes the prevalent "nail.exe" component. Sifting through mountains of HijackThis logs posted on security forums, Boyd said the answer was staring him in the face. (HijackThis is a popular freeware spyware removal tool that keeps detailed logs of Windows PC scans).

Full Story.

More in Tux Machines

Q4OS 1.6, Orion

The significant Q4OS 1.6 'Orion' release receives the most recent Trinity R14.0.3 stable version. Trinity R14.0.3 is the third maintenance release of the R14 series, it is intended to promptly bring bug fixes to users, while preserving overall stability. The complete list and release notes you will find on the Trinity desktop environment website. New Q4OS 1.6 release includes set of new features and fixes. The default desktop look has been slightly changed, Q4OS 'Bourbon' start menu and taskbar has been polished a bit and has got a few enhancements, for example the icons size varies proportionally to the system panel. Native Desktop profiler tool has got new, optimized 'software to install' list. Read more

Learning More About Explicit Fencing & Android's Sync Framework

With the sync validation framework leaving the staging area in Linux 4.9 and other work going on around the Android sync framework and explicit fencing, this functionality is becoming a reality that ultimately benefits the Linux desktop. Collabora developer Gustavo Padovan presented at this week's LinuxCon 2016 conference about explicit fencing support in the mainline kernel with a "new era of graphics." Read more

Ubuntu Leftovers

Leftovers: Software Development

  • fakecloud
  • A new version of pristine-tar
  • Getting RSS feeds for news websites that don’t provide them
    On the technical side, this seems to be one of the most stable pieces of software I ever wrote. It never crashed or otherwise failed since I started running it, and fortunately I also didn’t have to update the HTML parsing code yet because of website changes. It’s written in Haskell, using the Scotty web framework, Cereal serialization library for storing the history of the past articles, http-conduit for fetching the websites, and html-conduit for parsing the HTML. Overall a very pleasant experience, thanks to the language being very convenient to write and preventing most silly mistakes at compile-time, and the high quality of the libraries.
  • Quick Highlight
    Martin Blanchard put together a new “quick highlight” plugin for Builder this last week. It was a great example of how to submit a new feature, so I just wanted to highlight it here. Post to bugzilla, attach a patch, and we will review quickly and help with any additional integration that might be necessary.