Posted by: Robert Westervelt
BitTorrent, P2P, Rogue Antivirus
Popular P2P file sharing company said its systems were breached Tuesday, enabling an attacker to replace its uTorrent client download with scareware.
BitTorrent Inc., which creates popular P2P file sharing software, said it discovered a breach of its systems Tuesday enabling an attacker to replace a file download of its uTorrent client with a scareware program.
The San Francisco-based company said the breach took place at 7:20 a.m. ET and lasted nearly two hours. Anyone attempting to download the standard Windows version of uTorrent would have instead downloaded a fake antivirus program.
BitTorrent said in its blog that the rogue program is called “Security Shield,” and performs like other rogue antivirus programs, popping up phony virus detection warnings and prompting users for payment to remove the bogus discoveries. The company said it made the discovery and immediately took the affected servers offline. It urged users who may have downloaded software between 7:20 a.m. and 9:10 a.m. ET to scan their machines for malware.
“We take the security of our systems and the safety of our users very seriously,” the company said. “We sincerely apologize to any users who were affected.”
After a security analysis, the company determined that neither BitTorrent.com nor the BitTorrent Mainline/Chrysalis clients were compromised in the attack.