uTorrent web servers compromised, Windows app replaced with fake antivirus

If you use BitTorrent, then chances are you have either downloaded and used the uTorrent application or had it recommended to you. It’s a very lightweight, user-friendly, and fast piece of software for downloading and managing your torrents.

Unfortunately, yesterday uTorrent’s web servers were compromised by a hacker. This happened at 4:20am PST, and uTorrent’s web server team didn’t take the hacked server offline until 6am PST. The problem is, the hacker replaced the uTorrent Windows client with a fake antivirus executable. So anyone who downloaded the client during that 1 hour 40 minute period was actually downloading malware unknowingly.

The malware in question is called Security Shield, and is a well-known rogue anti-spyware program. It pops up a professional-looking app screen on your desktop that lists fake infections after doing a fake scan. It then offers to remove them if you pay for the full version of the “security suite.”

If you were unlucky enough to visit utorrent.com and download the Windows client during the infected period, then you’ve probably already seen the Security Shield software pop up and run on your machine. You need to remove it asap, and there’s a good guide over at bleepingcomputer.com telling you exactly how to go about doing it.

uTorrent has now apologized and managed to get their servers back online after removing the rogue files. If nothing else, this should act as a reminder to everyone to ensure any files you download from the Internet are scanned with a reputable security scanner before being run, as clearly you can’t trust legitimate sites all of the time.

Read more at the BitTorrent blog