Attackers hijacked two popular Torrent websites "bittorrent.com and utorrent.com" and tampered with their download mechanisms, causing visitors trying to obtain file-sharing software to instead receive malware. The site reported on its blog that the attack had occurred at around 04:20 Pacific Daylight Time (11:20 GMT) on Tuesday. Initially, the incursion was also thought to have affected the servers of the main BitTorrent site, but further investigation revealed this site had been unaffected by the attack.
Once installed, Security Shield delivers false reports that a computer is infected with multiple pieces of malware and prompts the user for payment before claiming to disinfect the machine. The attack affected only users who downloaded and installed software from bittorrent.com and utorrent.com during the hour-and-fifty-minute window that the sites were compromised. Those who installed software previously are unaffected.
"We have completed preliminary testing of the malware. Upon installation, a program called 'Security Shield" launches and pops up warnings that a virus has been detected. It then prompts a user for payment to remove the virus. " experts write on the blog.
It is very important to once more note that infected are only users who have downloaded the software between 4:20 a.m. and 6:10 a.m. Pacific time. If you have previously downloaded it - you can rest assured your software is clean.
Once installed, Security Shield delivers false reports that a computer is infected with multiple pieces of malware and prompts the user for payment before claiming to disinfect the machine. The attack affected only users who downloaded and installed software from bittorrent.com and utorrent.com during the hour-and-fifty-minute window that the sites were compromised. Those who installed software previously are unaffected.
"We have completed preliminary testing of the malware. Upon installation, a program called 'Security Shield" launches and pops up warnings that a virus has been detected. It then prompts a user for payment to remove the virus. " experts write on the blog.
It is very important to once more note that infected are only users who have downloaded the software between 4:20 a.m. and 6:10 a.m. Pacific time. If you have previously downloaded it - you can rest assured your software is clean.