Hackers Booby Trap uTorrent Downloads with Malware

Paul Lilly

Ruh-roh Shaggy, peer-to-peer file sharing just became a little more dangerous. Hackers up to no good (and no, those two don't always go hand-in-hand) set their sights on BitTorrent.com and uTorrent.com, sneaking in the back and replacing legitimate downloads with tainted copies brimming with malware.

"This morning at approximately 4:20 a.m. Pacific Daylight Time (UTC -7), the uTorrent.com and BitTorrent.com Web servers were compromised. Our standard Windows software download was replaced with a type of fake antivirus 'scareware' program," BitTorrent stated in a blog post yesterday .

BitTorrent initially reported that hackers compromised downloads on BitTorrent.com as well, but later stated "After further analysis, we don't believe BitTorrent.com or the BitTorrent Mainline/Chrysalis clients were part of the incident."

BitTorrent.com unplugged uTorrent's affected servers less than two hours after the security breach and have since neutralized the threat and put them back online. Those who downloaded and installed a compromised build during that short window would have been greeted to a fake AV program called "Security Shield" that bombards users with popups and solicits payment to remove the virus.

Around the web