Members
Stats
  • Total Posts: 28531
  • Total Topics: 8240
  • Online Today: 928
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: Security Shield hacks BitTorrent & uTorrent (download removal tools)  (Read 2221 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Attackers hijacked two popular Bittorrent websites and tampered with their download mechanisms, causing visitors trying to obtain file-sharing software to instead receive malware.

The hacks on bittorrent.com and utorrent.com replaced the sites' standard software downloads with a piece of fake antivirus software known as Security Shield, an advisory warned: http://blog.bittorrent.com/2011/09/13/security-incident/
Anyone who downloaded and installed software from those sites between 4:20 a.m. California time and 6:10 a.m. should scan their systems immediately for infections.

Once installed, Security Shield delivers false reports that a computer is infected with multiple pieces of malware and prompts the user for payment before claiming to disinfect the machine. The attack affected only users who downloaded and installed software from bittorrent.com and utorrent.com during the hour-and-fifty-minute window that the sites were compromised. Those who installed software previously are unaffected.

"We take the security of our systems and the safety of our users very seriously," the Bittorrent advisory stated. "We sincerely apologize to any users who were affected."

(ElReg)


Download SuperAntispyware or/and MalwareByte's to remove Fake AV "Security Shield"!

SuperAntispyware: http://scforum.info/index.php/topic,116.0.html

MaleareByte's:  http://scforum.info/index.php/topic,2201.0.html



Samker's Computer Forum - SCforum.info





Pez

  • SCF VIP Member
  • *****
  • Posts: 723
  • KARMA: 116
  • Gender: Male
  • Pez
Re: Security Shield hacks BitTorrent & uTorrent (download removal tools)
« Reply #1 on: 15. September 2011., 09:50:46 »
Some clarification and updates of this from:
http://blog.bittorrent.com/2011/09/13/security-incident/

Security Incident (Updated 9/14)

 
This morning on 9/13/2011 at approximately 4:20 a.m. Pacific Daylight Time (UTC -7), the uTorrent.com and BitTorrent.com Web servers were compromised. Our standard Windows software download was replaced with a type of fake antivirus “scareware” program. (UPDATE: See below for removal instructions.)
 

Just after 6:00 a.m. Pacific time, we took the affected servers offline to neutralize the threat. Our servers are now back online and functioning normally.
 
We have completed preliminary testing of the malware. Upon installation, a program called ‘Security Shield” launches and pops up warnings that a virus has been detected. It then prompts a user for payment to remove the virus. We recommend anyone who downloaded software between 4:20 a.m. and 6:10 a.m. Pacific time run a security scan of their computer.
 
We take the security of our systems and the safety of our users very seriously. We sincerely apologize to any users who were affected.
 
Clarification: This only affects users who downloaded software specifically from utorrent.com or bittorrent.com between the hours above this morning. Users who previously downloaded our software are not affected.
 
Update #2: After further analysis, we don’t believe BitTorrent.com or the BitTorrent Mainline/Chrysalis clients were part of the incident.
 
Update #3: File Removal Instructions
 
This particular piece of malware renames itself as a different .exe file every time it installs on a new machine. Therefore, first you need to determine the file name. To do this, visit the following File Directory on your Windows hard drive:
 
Windows XP: Click Start, click Run, and then type in “%USERPROFILE%\Local Settings\Application Data\” without the quotes. The file will be called [random].exe
 Windows Vista and Windows 7: Click Start, in the search box type in “%localappdata%” without the quotes. The file will be called [random].exe.
 
To delete the file, first you need to make sure to kill the application first:
 – Open your Task Manager (Control-Alt-Delete), select the [random].exe (the name you found in the file directory). Click “End Process” and select “Yes.”
 
- Next: select the file name (or right-click on the name) and hit Delete.
 
- Empty your trash.


Their is two easy way to configure a system!
Every thing open and every thing closed.
Every thing else is more or less complex.

Start Turfing ! http://scforum.info/index.php/topic,8405.msg21475.html#msg21475

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Re: Security Shield hacks BitTorrent & uTorrent (download removal tools)
« Reply #2 on: 15. September 2011., 17:51:51 »

Thanks for info's pal...  :thumbsup:


Fireberg

  • SCF Advanced Member
  • ***
  • Posts: 163
  • KARMA: 21
Re: Security Shield hacks BitTorrent & uTorrent (download removal tools)
« Reply #3 on: 21. September 2011., 22:37:04 »
i read this note too late, but thanx for info buddy

Thanx

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising