Language Selection

English French German Italian Portuguese Spanish

Spyware Floods In Through BitTorrent

Filed under
Security

BitTorrent, the beloved file-sharing client and protocol that provides a way around bandwidth bottlenecks, has become the newest distribution vehicle for adware/spyware bundles.

Public peer-to-peer networks have always been associated with adware program distributions, but BitTorrent, the program created by Bram Cohen to offer a new approach to sharing digital files, has managed to avoid the stigma.

Not any more, anti-spyware advocates warn.
According to Chris Boyd, a renowned security researcher who runs the VitalSecurity.org nonprofit resource center, the warm and fuzzy world of BitTorrent has been invaded by a massive software distribution campaign linked to New York-based adware purveyor Direct Revenue LLC.

"This is the marketing campaign to end all marketing campaigns," said Boyd, the Microsoft Security MVP (most valuable professional) known throughout the security industry by the "Paperghost" moniker.

In an e-mail interview with Ziff Davis Internet News, Boyd said rogue files have popped up occasionally in BitTorrent land but those were usually just random executables. "This is the first time I've seen a definite money-making campaign with affiliates, distributors and some pretty heavy-duty adware names," he added.

Boyd said he got the first inkling that BitTorrent was a major adware distribution vehicle while searching for the source of Direct Revenue's Aurora, an adware program that includes the prevalent "nail.exe" component. Sifting through mountains of HijackThis logs posted on security forums, Boyd said the answer was staring him in the face. (HijackThis is a popular freeware spyware removal tool that keeps detailed logs of Windows PC scans).

Full Story.

More in Tux Machines

grep-2.21 released [stable]

This is to announce grep-2.21, a stable release. There have been 94 commits by 3 people in the 25 weeks since 2.20. Read more Also: GNU Parallel 20141122 ('Rosetta') released

SUSE invests in software-defined storage

SUSE, the enterprise Linux company, is working on its own storage solution using open-source Ceph: SUSE Storage. Read more

Linux 3.18-rc6

Steady progress towards final release, although we still have a big unknown worry in a regression that Dave Jones reported and that we haven't solved yet. In the process of chasing that one down, there's been a fair amount of looking at various low-level details, and that found some dubious issues, but no smoking gun yet. But that explains some of the patches in rc6.. Read more

Open Source Code Contains Fewer Defects, But There's a Catch

Research suggests that software developed using open source code contains fewer defects than that built with proprietary code. The catch is that open source code rarely benefits from security teams specifically tasked with looking for bugs. Read more