Check Point cybersecurity experts: The RAT is managed over the platform, communicating with the attacker’s C&C server and exfiltrating data to it.
Torrent users’ cyber security is at high risk. This is confirmed by a Yoroi-Cybaze experiment. The researchers downloaded files in 3 different categories: Movies, Games and Software. Most of them, regardless of the seeder, contain malware.
Torrent users around the world are at high risk of cyber attacks. This has been confirmed by Yoroi-Cybaze cyber security experts, who conducted a study on the risks related to the use of the protocol. They downloaded torrents belonging to 3 different categories of interest: Movies, Games and Software. For the “Movies” category they searched for 2 highly anticipated films, “The Avengers 4” and “Joker”; for the “Games” category they searched for “Fortnite”, one of the most played video games; and for the “Software” category they searched for some of the most requested software of the moment: “Nero Burning Rom”, “Adobe Photoshop Lightroom” and “Malwarebytes Premium”. The experts discovered that most of the files contain well-known malware that is currently detected by most antivirus products, and also that most of the malicious torrents have a good reputation in terms of seeders.
In January, Malwarebytes cyber security researchers discovered a malvertising campaign with cyber attacks in two phases, linked to torrents. On the other hand, weaponizing a file is very easy.
Creating a torrent that carries malware is, in fact, very easy, and it does not require being a hacker or an IT expert. Using μTorrent, the popular torrent client, the malicious file can be created in a few steps: clicking on “Create New Torrent” in the top menu, providing the file path to the malicious executable and clicking on the “Create” button. Just three easy steps. Torrent users, however, have been targeted for a long time. At the beginning of the year, Malwarebytes cyber security researchers discovered a malvertising campaign with cyber attacks in two phases. In the first, the victim is infected with malware (Vidar) that steals data and information. In the second, ransomware (GandCrab) encrypts the victims’ files and demands a ransom to unlock them.