digg

Join DiggAbout

Discover the best of the web!
Learn more about Digg by taking the tour.

BitTorrent Shrugs Off Massive Malware Attack

torrentfreak.com — Described as “One of the most prevalent pieces of malware in the last three years,” the Downloader-UA.h trojan is running wild on P2P networks. But thanks to its system strength - and the work of torrent site moderators - such outbreaks are shrugged off by BitTorrent.

Bury
show profanity settings
expand all
  • jakash, on 05/10/2008, -60/+11***** THE RIAA AND IFPI!
    THINK THEY CAN ALL SCARE US INTO NOT DOWNLOADING...THEY CANT SCARE BITTORRENT FOR *****!
    WE ARE CLEVERER THAN THOSE LIMEWIRE AND FOLDER SHARING USERS... WE ARENT STUPID AND YOULL NEVER STOP US DOWNLOADING WHAT WE WANT WHEN WE WANT!
    • jakash, on 05/10/2008, -11/+9/angry pirate pride
    • Bananas21ca, on 05/10/2008, -6/+29Too bad this has nothing to do with the RIAA. Malware is made by a different kind of scum
      • AzureRise, on 05/10/2008, -1/+28Actually, they've used cheap tactics like this in the past.
        • KibibyteBrain, on 05/10/2008, -1/+2This time they seem innocent. Its like when Batman was certain the Joker was behind some horrible crime matching his level of depravity, but it ends up after investigation the Joker was still safely locked up in Arkham.
        • TruthKid, on 05/10/2008, -0/+10Sony rootkits come to mind. While not the RIAA I think the connection is blatantly obvious.
    • IllBeBack, on 05/10/2008, -3/+46Calm down and turn your ***** caps lock off.
    • seldon452, on 05/10/2008, -2/+14Ok, I'll give you the drugs just stop hurting that caps lock key!
    • kutateli, on 05/10/2008, -2/+8http://i29.tinypic.com/2i8fxvb.jpg
    • matt.rubin, on 05/10/2008, -1/+25WHAT ARE WE YELLING ABOUT?
      • TruthKid, on 05/10/2008, -2/+5SAMUEL JACKSON, ITS MY BEER. YES THEY DESERVE TO DIE, AND I HOPE THEY BURN IN HELL
    • specialK16, on 05/10/2008, -4/+11MY CAPS LOCK BROKE TOO!
    • psion01, on 05/10/2008, -1/+4Don't forget:

      KNEEL BEFORE ZOD!
    • Fordi, on 05/10/2008, -0/+4But HOORAY for having humans in the loop!

      It's not just moderators; it's also users commenting on the torrents themselves. For example, if I see a 'FAKE!' post, I'll generally find another torrent for what it is I'm after.
      • tacojohn48, on 05/10/2008, -0/+1If only the RIAA or MPAA hasn't gone through and posted fake in the comments to through you off.
    • Buddhist, on 05/10/2008, -1/+7SPARTAAAAAAAAAAAAAAAAAA
  • Lancer010, on 05/10/2008, -2/+78Seed?
    • matt.rubin, on 05/10/2008, -1/+51Come on guys seed I am stuck at 97.3 percent
    • Genma, on 05/10/2008, -0/+211000 seeders and speed is 2 kbs wtf seed
    • Black6x, on 05/10/2008, -2/+1I'm sure the RIAA would be glad to seed this for you.
  • Makaveli604, on 05/10/2008, -7/+61Two words: Private Trackers.
    • alienunknown, on 05/10/2008, -16/+49Not using windows also works :)
      • Makaveli604, on 05/10/2008, -7/+26Ah yes, wasting time downloading malware must be enjoyable on a mac..

        Fanboy logic?
        • Tanath, on 05/10/2008, -6/+14Better than wasted time + infection, which = more wasted time.
        • doshindude, on 05/10/2008, -3/+7Is that all you use a mac for? if so then congrats, you've wasted 3,000 bucks for a function that comes free on PCs.
      • dbr_onix, on 05/10/2008, -0/+17Not downloading thisisporn-notatrojan.jpg.bmp.img.gif.exe.torrent still works fine too. Reading the torrent comments is also useful (for the most part - if every single comment is "BESTEST APPLICATOIN EVER'ST", you should probably be slightly cautious, but if it is a virus or such there will normally be comments to say so)
        • kindrobot, on 05/10/2008, -0/+3Thank you. I was wondering when some basic common sense would invade this topic.
          Recognizing these things has always been extremely easy.
        • doshindude, on 05/10/2008, -0/+2downloading anything in a language other than english usually runs into problems as well, as I've learned from experience.
        • danielsamuels, on 05/10/2008, -0/+2@doshindude: Stop downloading Asian porn.
      • matt.rubin, on 05/11/2008, -1/+1Ha good luck finding useful stuff if you're not on windows
    • mali1, on 05/10/2008, -14/+1Soo... anyone got a demonoid invite?
    • whyufail, on 05/10/2008, -5/+3Two words, no seeders
      • Makaveli604, on 05/10/2008, -1/+4On Public trackers, yes.
      • Makaveli604, on 05/10/2008, -1/+6If you mean on private, you have clearly never been a member because ethe entire point is that more people seed because they have a ratio.
        • Fordi, on 05/10/2008, -3/+5Not me. I donate and leech.

          Call me a coward or a leech or whatever, but liability limitation is more important to me than street cred.
          • Makaveli604, on 05/11/2008, -0/+1Perhaps, but the majority seeds, or even better seedboxes.
            Even 2-3 seedboxes will give a tracker speeds high enough to max your connection. Most trackers have 20~ish active at a time.
    • b4ckst4bb, on 05/10/2008, -7/+4How about private trackers that actually stay up.
      • Makaveli604, on 05/10/2008, -0/+6You mean like TorrentDamage, Goem, Hdbits, Libble, RevoTT, SCC, ScT, STMusic, Supertorrents, thebox, TL, waffles, what, and x264 to name a few?
        • roflganker, on 05/10/2008, -7/+2HEY GUYS LOOK AT ME
        • Fordi, on 05/10/2008, -0/+12Demonoid's back, as well, by the by.
        • doyoumrjones, on 05/10/2008, -1/+3There's that many private trackers? Damn, I'm so not in the loop.
          • xXShadowstormXx, on 05/10/2008, -0/+2There's much, much more.
          • jon30041, on 05/10/2008, -1/+1I only knew about waffles and what...
          • Makaveli604, on 05/11/2008, -0/+1There is countless, but I listed the major ones. (Altho, Torrentdamage is minor it's just first in my list of favourites for whatever reason)

            if your a member of what or waffles, they have a list of 50+ private trackers
    • SkinnyPuppy, on 05/10/2008, -1/+11Four Letters: RIAA (...***** 'em).
  • aydoubleyou, on 05/10/2008, -12/+4rabble rabble rabble rabble!
  • soupr, on 05/10/2008, -3/+118what, so mileyxxx.jpg.exe wasnt legit?
    • MacSuxWindozSux, on 05/10/2008, -0/+28That's why I always set the computer to show filename extensions.
      • bjornski, on 05/10/2008, -2/+15Anyone who shuts that off is a moron.
      • knight666, on 05/10/2008, -0/+24Why the hell did Microsoft decide to hide extension names by default?
        • thejynxed, on 05/10/2008, -0/+20Because they didn't want the typical end user messing with anything that didn't have a .txt, .doc, .xls, .jpg, etc extension. What they didn't have the foresight to notice, was that hiding executable extensions allowed the nonsense we see now, where it''s trivial to disguise malware by attaching a .txt, etc into the filename before the .exe, .com, .bat, .vbs, etc

          It's a case of not thinking things through. People do that, and every programmer is guilty of it at one point or another.

          And this is why we will never, ever see bug-free code made by humans. Or a perfect UI, etc, etc.
        • Tenoq, on 05/11/2008, -0/+1To be more like a Mac.
    • Ouze, on 05/10/2008, -1/+9Why don't you have a seat over there.
  • alx1507, on 05/10/2008, -9/+44Since when does an article have to be about the RIAA to say it?
    ***** THE RIAA.
  • amanilaenvelope, on 05/10/2008, -6/+22MPAA, RIAA,and Comcast.
    What now bitches?!
    • bjornski, on 05/10/2008, -0/+5Comcast has been letting my seeds reach 120k up lately. I haven't complained much.

      I don't have a problem with what I grab at my place, but I spent the weekend there, and grabbed ONE FILE I wanted from his house, and the (Comcast there too) send that "copyright notice" letter out right away. So it really does depend on area. I'm only about 30 miles away, but it's like we're running by different rules. Either that, or they just suck at enforcement once you reach dense city limits.

      Dunno. My seeds are working. I'm not saying I"m HAPPY with Comcast, but I don't have as much reason to bitch about them right now (on the ISP side. talk about cable, and I could get into pages of complaints too).

      The second there's a competing company in the area, we're leaving them though. Not a question.
    • doshindude, on 05/10/2008, -0/+1An epic win combination?
  • thinman1189, on 05/10/2008, -2/+4For a minute I thought they meant that someone was directly attacking BitTorrent the company. In any case, it's not hard to believe that a lot of malware would be detected simply by people with, even moderate, technical know-how moderating the trackers.
  • wonderchemist, on 05/10/2008, -10/+3Unless the infection rate is zero, then I would argue the attack wasn't shrugged off any more then running windows updates shrugs off attacks on windows.
  • xkorbin, on 05/10/2008, -16/+9I honestly, loved BitTorrent forever.
    Until a friend told me about UseNet.
    Bought an account, not looking back.
    BitTorrent, however, has a special place in my heart for the easier file-finding capability (exception being good NZB sites). But Speed is completely incomparable.
    • kigabit, on 05/10/2008, -1/+16Great advertisement and all, but I already max out my connection with bittorrent. So you'll excuse me if I find the speeds entirely comparable. Oh, right, and you don't have to pay for bittorrent too. Yeah, there's that.
    • D4CH, on 05/10/2008, -1/+6I tried the usenet trial once. And yes, it maxed out my 10/10 connection, but then I went on one of the private trackers and maxed out my 10/10. UseNet = Only downloading. Torrent = Sharing. I like sharing.
    • 1randomguyO8, on 05/10/2008, -1/+5Really? I downloaded a 1gig file in less then 2 hours with bittorrent, good enough for me.
    • eFiniTi, on 05/10/2008, -0/+10The first rule about usenet is..
    • rentmitchum, on 05/10/2008, -0/+5Ok on this usenet, can I get MacGyver? The torrent I'm getting now is going about 20 kbps and it's like 40 gigs.. lol.. Easier to watch them on CBS.com but I want them around for reference. Yes, I have a need to reference MacGyver.
    • ErrorS, on 05/10/2008, -1/+3usenet is a mess.. i'll admit public trackers can be a bit iffy, but most of the time they work out OK.
      Private trackers are where it's at though..
  • ethana2, on 05/10/2008, -15/+2Pssh. Malware. Can you hear all those AIDS patients freaking out about the next flu season?
    I'm glad I don't have that disease. I'm of the opinion that people who use windows deserve what they get.
  • goonerzilla, on 05/10/2008, -18/+2Bittorrent FTW!
    Bittorrent rocks!
    All hail Bittorrent!
    Bittorrent saves!
    Bittorrent is god!
    Bittorrent cleanses you!
    Bittorrent Bittorrent Bittorrent!
    Yeaaaaaaaaaaaah!!!!!

    Woh, Woh, Woh!

    I just meant to say, " ***** THE RIAA"
  • PeckerSlap, on 05/10/2008, -5/+28HELL YEAH IM A ***** TORRENT FREAK
  • Raptor007, on 05/10/2008, -1/+15I have very little doubt this is deliberately done by firms on the payroll of the RIAA and MPAA.
  • b4ckst4bb, on 05/10/2008, -4/+1How the hell would you even find this in torrent search results?
  • btsmu, on 05/10/2008, -7/+1Has anyone notified homeland security about this malware stuff? it sounds like a sinister plot. Having never downloaded any music i have diplomatic immunity from such problems.. i will stick with the old LPs and 8 Tracks and the newer cassettes...all this modern musical mayhem is moving too fast. My Hi-Fi will not play CDs let alone MP3s or memory sticks. One thing about an LP though, besides the many scratches, they never harbored secret files or melmacware, err... malware. btsmu
  • Snuffs, on 05/10/2008, -2/+39can't sink our pirate ship bitches
  • Hobolord, on 05/10/2008, -8/+3Sorry for being noob, I rarely use torrents though. Could someone tell me what made it obvious that the torrent files were fakes?

    • rentmitchum, on 05/10/2008, -0/+6This isn't about fake torrent files. It's about fake files in the P2P networks and torrent site's general lack of them.
      • Hobolord, on 05/10/2008, -0/+3So what would raise a ref flag for you if you saw any of these torrent names, (that were posted in the article)

        preview-t-3545425-adult.mpg
        preview-t-3545425-changing times earth wind .mp3
        preview-t-3545425-meet bambi in kings harem.mp3
        preview-t-3545425-middle eastern chick.mpg
        preview-t-3545425-theme godfather.mp3
        t-3545425-bentley bizzle.mp3
        t-3545425-haloween special.mp3
        t-3545425-just got lucky.mp3
        t-3545425-peanut butter jelly amende.mp3
        • thejynxed, on 05/10/2008, -0/+0The t-3545425 is a dead giveaway. No normal torrent uploader puts stupid ***** like that in their torrent names. Release group names, yes, stupid ***** that looks like it was automatically generated, no.
      • rentmitchum, on 05/11/2008, -0/+2Comments page or if you're resorting to Limewire, if you can't tell (which is rare if you've used P2P networks for any amount of time) or if you're just paranoid you can right click a search hit and go to the Bitzi lookup thing. Usually any of the virus/malware type files are flagged on there. If it's "Unknown Bitprint" it's usually ok if the filename isn't retarded... I dunno, you can usually just tell if it's bad, I don't know how to describe how I do it. I just know I haven't had malware of any kind in like 3 years, and that time was my girlfriend's doing.
    • Fordi, on 05/10/2008, -0/+12Usually?

      1) Very small file size for something that should be large
      2) .exe extensions on torrents that should be media
      3) 'FAKE' posted in the comments on a torrent page
  • tnoy, on 05/10/2008, -1/+8Was it really be a "massive" attack if it was just shrugged off?
    • blagoaw, on 05/10/2008, -0/+6Indeed. Can something exist without being perceived?
    • victorycig, on 05/10/2008, -1/+2Massive because "up to 27% of P2P users" on other non-bittorrent networks were infected.
  • rentmitchum, on 05/10/2008, -1/+3The reasons to use Limewire or other such networks anymore elude me. Single songs are the only reason I resort to that awful crap. No Limewire, I don't want an iPod. At least I know I could download one, 700 mb's lol.
    • verkon, on 05/10/2008, -0/+4well, sometimes there is stuff on the Gnutella network or the eDonkey network that doesn't appear to often on torrent trackers.
    • gost3, on 05/10/2008, -1/+0yeah... like the malware attack
    • doshindude, on 05/10/2008, -0/+1LimeWire is terrible except for if you're looking for just single songs. Most of the time though, I can't get the damn program to connect to LimeWire's network and it takes 10 minutes to load (like, seriously, WTF's up with that?).
  • rasmasyean, on 05/10/2008, -0/+3So are they implying that those anti-piracy orgs had something to do with the Malware?
  • thejynxed, on 05/10/2008, -3/+0Another reason that malware on your typical p2p app works when it fails on BT: proper hashing/checksums. The hashing used by your typical p2p client has all been cracked/bypassed to allow files with malware payloads to have the same hash values as legitimate files. The strongest hashing I found outside of BT was used by DC++, and that was Tiger Tree, but I've heard that even that has been compromised within the last two or three years.

    Personally, I verify checksums, file names, etc even when using BT. It's only common sense really.
  • WomensUnderwear, on 05/10/2008, -0/+11Buried as inaccurate. I have downloaded three Massive Attack albums via torrent.
  • HydrogenOxide, on 05/10/2008, -2/+1www.avg.com

    AVG 2008 is GodLike
    • sKiLLa182, on 05/10/2008, -0/+3I still think nothing beats NOD32. Much more lightweight and less invasive than AVG.
    • doshindude, on 05/10/2008, -0/+3AVG 8 sucks now. They made all the features paid version only. Avast has officially surpassed AVG in terms of awesome.
    • maumac, on 05/10/2008, -2/+1distrowatch.com
  • Pigeon, on 05/10/2008, -1/+2Wait.... wasn't the track they used by Girls Aloud? Of course it shrugged it off, who would download let alone buy that crap.
  • humboldt79, on 05/10/2008, -0/+2How do you download?
  • Ingestre, on 05/10/2008, -0/+0i just managed to get rid of this little bstard!!! pain in the friggin ass!! Malwarebytes' Ant-Malware saved the day! nice one!
    • Lunarbunny, on 05/10/2008, -0/+2You admit you're stupid enough to download and run this *****?
  • DemsFTW, on 05/10/2008, -0/+2I'll clean that trojan off with my WinFixer. I don't know where is came from, but it's so helpful.
    (LMAO)
  • debuffplx, on 05/10/2008, -5/+1Torrents are for people who are too dumb to realize there are better, and more efficient means of downloading (usenet). And too dumb to regulate their own content.
  •  

    Login or register to add a comment

    Create a new account or login to join in the conversation on Digg. You'll also be able to Digg stories to help promote things you like.


© Digg Inc. 2008 — Content posted by Digg users is dedicated to the public domain.
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.