Security Bytes

Sep 14 2011   2:57PM GMT

BitTorrent announces breach of its uTorrent systems

Robert Westervelt Robert Westervelt Profile: Robert Westervelt

Popular P2P file sharing company said its systems were breached Tuesday, enabling an attacker to replace its uTorrent client download with scareware.

BitTorrent Inc., which creates popular P2P file sharing software, said it discovered a breach of its systems Tuesday enabling an attacker to replace a file download of its uTorrent client with a scareware program.

The San Francisco-based company said the breach took place at 7:20 a.m. ET and lasted nearly two hours. Anyone attempting to download the standard Windows version of uTorrent would have instead downloaded a fake antivirus program.

BitTorrent said in its blog that the rogue program is called “Security Shield,” and performs like other rogue antivirus programs, popping up phony virus detection warnings and prompting users for payment to remove the bogus discoveries. The company said it made the discovery and immediately took the affected servers offline. It urged users who may have downloaded software between 7:20 a.m. and 9:10 a.m. ET to scan their machines for malware.

“We take the security of our systems and the safety of our users very seriously,” the company said. “We sincerely apologize to any users who were affected.”

After a security analysis, the company determined that neither BitTorrent.com nor the BitTorrent Mainline/Chrysalis clients were compromised in the attack.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: