Spyware Floods In Through BitTorrent

Found on eWEEK on Wednesday, 15 June 2005

Public peer-to-peer networks have always been associated with adware program distributions, but BitTorrent, the program created by Bram Cohen to offer a new approach to sharing digital files, has managed to avoid the stigma.

According to Chris Boyd, a renowned security researcher who runs the VitalSecurity.org nonprofit resource center, the warm and fuzzy world of BitTorrent has been invaded by a massive software distribution campaign linked to New York-based adware purveyor Direct Revenue LLC.

Boyd said he got the first inkling that BitTorrent was a major adware distribution vehicle while searching for the source of Direct Revenue's Aurora, an adware program that includes the prevalent "nail.exe" component. Sifting through mountains of HijackThis logs posted on security forums, Boyd said the answer was staring him in the face. (HijackThis is a popular freeware spyware removal tool that keeps detailed logs of Windows PC scans).

"I expect we'll see more of this, and if the first ever 1GB malware/adware install has a chance of happening anywhere, it will be on file-sharing networks where programs are broken up into pieces. The problem is, you never know what's going to come out the other side," he said.

That's why people should use firewalls. Of course this won't help if you're using the original client; there are many free (and better) alternatives. Your traffic-shaper/monitor should also help you here.

Browse all articles« Previous « » Next »