Skip

DOWNLOADING IS WRONG
January 6, 2009 6:06 AM   Subscribe

A new trojan is on the loose. It doesn't install any harmful adware/spyware, but does block both mininova and the Pirate Bay.
posted by azarbayejani (26 comments total) 3 users marked this as a favorite

 
Whoever wrote this virus didn't make life too hard for downloaders since "manually removing the entries from the hosts file solves the problem." Hell, that's the first place I'd look if a site was resolving to localhost.
posted by waxboy at 6:15 AM on January 6, 2009 [1 favorite]


If it doesn't block btscene or isohunt I'm alright with it.
posted by P.o.B. at 6:17 AM on January 6, 2009


Is MetaFilter now a virus alert service, or what?
posted by beagle at 6:21 AM on January 6, 2009 [1 favorite]


This sounds like it's probably good news, but let me do some figuring first

One Wrong
One Wrong +
---------------------
????????????
posted by DU at 6:22 AM on January 6, 2009 [1 favorite]


I agree with Torrent Freak's opinion that this isn't the work of the RIAA or some such legal mechanism but some uppity prankster. The RIAA, MPAA, etc all seem to benefit more from tracking downloads then filing lawsuits rather than sealing the honey pot.
posted by Burhanistan at 6:22 AM on January 6, 2009 [2 favorites]


One wrong + one wrong = not a linear conclusion.
posted by Burhanistan at 6:22 AM on January 6, 2009


Something that easy to clean up barely counts as a virus. I'd call it a prank.

So how about that Twitter dust-up yesterday? Both phishing and exposed admin tools?
posted by These Premises Are Alarmed at 6:23 AM on January 6, 2009


Or what Burhanistan said. Blocking download screws their revenue model.
posted by These Premises Are Alarmed at 6:24 AM on January 6, 2009


"Something that easy to clean up barely counts as a virus. I'd call it a prank. "

Malware types are not defined by how easy they are to fix but by their method of propagation. You're right, this isn't a virus. It's a Trojan Horse.
posted by nthdegx at 6:32 AM on January 6, 2009


Is this where I get to say "Is this something I have to use Windows to give a shit about?" Because my Mac tells me I want to say that.

(Until I go home and start up my Windows box, then I'll revert to making fun of Mac fanbois again.)

Also, anyone downloading software keygens ought to know better than to run them on their primary system. VirtualPC + confirm changes before committing to virtual HD = a decent sandbox for testing to be certain you aren't hosing your actual system just to avoid paying for some $30 shareware.
posted by caution live frogs at 6:39 AM on January 6, 2009


The RIAA, MPAA, etc all seem to benefit more from tracking downloads then filing lawsuits rather than sealing the honey pot.

Recently on the blue.
posted by mandal at 6:46 AM on January 6, 2009


Also, anyone downloading software keygens ought to know better than to run them on their primary system. VirtualPC + confirm changes before committing to virtual HD = a decent sandbox for testing to be certain you aren't hosing your actual system just to avoid paying for some $30 shareware.

The funny thing is that the moderation at even the biggest free-for-all torrent sites is tight enough that posting a malicious file disguised as something useful isn't very effective. From the article:

The bad torrent was removed from The Pirate Bay soon after users commented that the key generator didn’t work, but it is safe to assume that this is not the first and only attempt to spread a trojan like this one.

The vast majority of files posted on such sites are clean, enough so that the threat of accidentally running malware is relatively low even for people who don't take any precautions. You'll be much more likely to load something bad on your system by clicking the "Free virus scan!" ads next to the torrent links than you are when you download illegal software cracks. These days you might even have a better chance of screwing up your system by installing the legitimate DRM version of a given application or game rather than a random unverified cracked version, which is a sad state of affairs.
posted by burnmp3s at 8:00 AM on January 6, 2009 [3 favorites]


Watch out for the "cup of coffee" trojan, if you spill it on your keyboard, it can be difficult to remove.
posted by Wolfdog at 8:10 AM on January 6, 2009 [3 favorites]


"The bad torrent was removed from The Pirate Bay soon after users commented that the key generator didn’t work, but it is safe to assume that this is not the first and only attempt to spread a trojan like this one."

So, when it is helpful to Pirate Bay, it will take down something, but for the rest of the world it's a big "f'you". Got it.

Anyway, this is a pretty stupid way to get a point across - lowering yourself to the level of a malicious hacker. That said, don't assume that even an easy fix will be easily fixed by most people. I assume this will be cleaned up as most malicious software issues are cleaned up - through patches and updated malware protection programs.
posted by Muddler at 8:26 AM on January 6, 2009


A site like The Pirate Bay is estimated
to generate 9 million dollars a year for
its owners. Minus hosting, updating and
bandwidth, that's still a large chunk of
change. It is in their best interests to
ensure that their files are clean. Once
a site gets a rep for directing to trojans,
there goes their golden egg.
posted by Sully at 8:33 AM on January 6, 2009


Was that a prose poem?
posted by stupidsexyFlanders at 8:50 AM on January 6, 2009 [1 favorite]


If it has line breaks, it's just a poem.
posted by sondrialiac at 9:07 AM on January 6, 2009 [1 favorite]


Thank god - all that whiny legal action from the RIAA and MPAA was getting on my nerves. Today, anti-pirate lobby, you are men.
posted by Salvor Hardin at 9:25 AM on January 6, 2009


burnmp3s wrote "The vast majority of files posted on such sites are clean"

Well, looking at your user name something tells me you probably know what you're talking about here.
posted by caution live frogs at 9:26 AM on January 6, 2009 [3 favorites]


Well, looking at your user name something tells me you probably know what you're talking about here.

Yeah, I'm not sure if my handle lends me as much cred when I'm explaining FDIC insurance over in AskMe. Believe it or not I know most of what I know about software cracks from when I used to be a shareware developer. That was pre-BitTorrent though.
posted by burnmp3s at 9:57 AM on January 6, 2009


...generate 9 million dollars a year for
its owners. Minus hosting, updating and
bandwidth...


You also forgot lawyers' fees. That $9 million number is fabricated anyway. According to the owners, they actually pull in less than $3 million a year, which considering their high profile, large bandwidth usage, and constant legal battles, is unlikely to even cover their costs. You can read a response from the captain with ArsTechnica here.
posted by sophist at 11:14 AM on January 6, 2009


One of its victims, who got the trojan from downloading a torrent from The Pirate Bay, contacted TorrentFreak. He told us: “I didn’t follow the well established rules of downloading. It was a file with a low number of seeds, many leechers and no comments.

Well, there's your problem right there. Never, ever, ever download a torrent that hasn't been commented on by established members of your torrent community, unless you are one such member, and have a test machine to try out new torrents on. There's absolutely no reason why anyone should be vulnerable to this prank.
posted by Marisa Stole the Precious Thing at 12:20 PM on January 6, 2009


>According to the owners, they actually pull in less than $3 million a year, which considering their high profile, large bandwidth usage, and constant legal battles, is unlikely to even cover their costs.

Piracy and file-sharing isn't usually about money-- it's about being liked and admired.

"Look, I brought home some woolly mammoth meat for everyone. Please love me!"
posted by darth_tedious at 2:56 PM on January 6, 2009


So, when it is helpful to Pirate Bay, it will take down something, but for the rest of the world it's a big "f'you". Got it.

What the Pirate Bay is doing is legal in their country, though with US government strongarming of the swedish government, it admittedly may not be for much longer. Sweden doesn't have the vicarious or contributory copyright offences that got napster etc shut down in the US, so assisting others to commit copyright infringement is legal. Many swedes see it as a matter of free-speech, or so I'm told.

Imagine for a moment if say, Dubai started demanding the shutdown or removal of content of US-based gambling and porn websites, because they're illegal in dubai. Or China decided to order a US political website to take down information supportive of tibet. I imagine the US sites in question would tell them f' off, or at the very least, laugh at them for trying to enforce their laws outside their border in a country where those activities are not illegal.

Well, you know what? That's exactly what happens when a US company sends a US DMCA notice to a company based in a country not subject to US law. And then said company gets pissy and threatens all sorts of dire consequences for failing to follow said US law, when swedish law does not have the DMCA, or even similar laws.

The US government does not rule the world, and US corporations do not get to dictate that the rest of the world follows US law just yet.
posted by ArkhanJG at 3:49 PM on January 6, 2009 [9 favorites]


I wish I could favorite your post 1000 times, ArkhanJG. The Pirate Bay has the right to say f you to the US government because the US government has no right to stick its nose in their business.
posted by azarbayejani at 4:28 PM on January 6, 2009 [1 favorite]


What is this world coming to when we can't even trust our hackers to be malicious?
posted by cmchap at 1:02 AM on January 7, 2009


« Older Buddy, can you spare a dollar?   |   A Guardian interview with Lynndie England Newer »


This thread has been archived and is closed to new comments



Post