May 25, 2015 guardaley_alfred

Torrent visitors should be aware of ransomware attack

SubTorrents.com is a popular file-sharing site in Spain and Latin America that is believed to be silently infecting site visitors with a Trojan. With their Fiesta Exploit Kit, users are subjected to a silent redirection leading them to a malicious payload.

When downloading illegal torrents, users are mostly misled and instructed to navigate to a series of ads and pop-ups containing ransomware. This type of malware infects and demands a ransom so hackers won’t restrict users full access to their computer system.

How it works

At the beginning of the attack, the code checks a cookie that is placed on the user’s machine. It marks the PC as already hit and possibly infected. Jerome Segura, senior security researcher at Malwarebytes Labs, said “Rather than directly inserting a malicious iframe to the exploit kit landing, they chose to build it on the fly by retrieving the content from an external .js.”

The risks

When torrent visitors download movies or music, they save a few bucks; however, the risks are greater such as getting infected by malware. The ransomware could encrypt all the files of the users including the movies that they downloaded. This malware deliver threats, and users could be held for ransom. Aside from that, these copyright infringers will be pursued by copyright enforcers.

What should you do?

In order to stay safe, you should always update your software. Install antivirus systems to protect your computer from attacks. But, to avoid the risks altogether, you should ultimately stop visiting torrent sites. Remember, downloading movies illegally is a crime and it can cost you more than the price of a movie ticket or a DVD.

Tagged: ,