Bittorrent.com's software download hacked to serve malware
File-sharing with fake AV
Attackers hijacked two popular Bittorrent websites and tampered with their download mechanisms, causing visitors trying to obtain file-sharing software to instead receive malware.
The hacks on bittorrent.com and utorrent.com replaced the sites' standard software downloads with a piece of fake antivirus software known as Security Shield, an advisory warned. Anyone who downloaded and installed software from those sites between 4:20 a.m. California time and 6:10 a.m. should scan their systems immediately for infections.
Once installed, Security Shield delivers false reports that a computer is infected with multiple pieces of malware and prompts the user for payment before claiming to disinfect the machine. The attack affected only users who downloaded and installed software from bittorrent.com and utorrent.com during the hour-and-fifty-minute window that the sites were compromised. Those who installed software previously are unaffected.
"We take the security of our systems and the safety of our users very seriously," the Bittorrent advisory stated. "We sincerely apologize to any users who were affected." ®