Sign in with
Sign up | Sign in

Torrented Windows 7 RC Builds Botnet

By - Source: Tom's Hardware US | B 58 comments

Researchers at security firm Damballa said that an infected, pirated version of Windows 7 Release Candidate created a botnot spanning around 27,000 controlled bots.

Researchers at security firm Damballa said that an infected, torrented version of Windows 7 Release Candidate created a botnet spanning around 27,000 controlled bots. The firm said that the hidden Trojan infected thousands of users when the software first began to circulate BitTorrent sites on April 24, spreading at a rate of "several hundred" new bots per hour, maxing out (so far) with as many as 552 users per hour. However, Damballa managed to knock out the devious botnet's command and control server on May 10.

According to the firm, the clever little Trojan performed its magic immediately after users downloaded the Windows 7 RC. Once situated on the hard drive, it locally installed a bundle of malware. The Trojan was virtually immune to anti-virus tools because many solutions still do not support the new operating system, thus leaving end users wide open for infection. With that said, the computer was infected before the consumer could locate and install compatible tools. Unfortunately, the problem hasn't been solved on a permanent basis.

“We continue to see new installs happening at a rate of about 1,600 per day with broad geographic distribution,” said Tripp Cox, Damballa's vice president of engineering, in a statement. “Since our takedown, any new installs of this pirated distribution of Windows 7 RC are inaccessible by the botmaster. The old installs are accessible. The countries with the largest percentage of installs are the U.S. (10%), Netherlands (7%), and Italy (7%).”

The firm didn't specify as to what the botmaster plans to do with the current network, if anything at all. However, botnets are typically used to distribute spam email, phishing schemes, retrieve personal information via spyware, or carry out denial-of-service attacks. Conficker is probably one of the more popular botnet names as of late, with an estimated 10 million bots currently in its network, and a spam capacity of 10 billion per day. Another botnet attempted to build a kingdom earlier this year through pirated versions of Adobe Photoshop CS4 (Mac version) and iWork '09, although that attempt was eventually thwarted as well.

Ultimately, users interested in obtaining the Windows 7 Release Candidate need to steer clear of BitTorrent websites or other P2P distribution applications. Instead, consumers can obtain the OS safely by heading to Microsoft's website. The RC is free to download, and will stay active until early next year.

Discuss
Display all 58 comments.
This thread is closed for comments
Top Comments
  • 24 Hide
    Geibys , May 14, 2009 10:22 PM
    I don't get why people would download the Windows 7 Beta or RC from a torrent site when Microsoft is offering it for free, to me that just doesn't make any sense.
Other Comments
  • 24 Hide
    Geibys , May 14, 2009 10:22 PM
    I don't get why people would download the Windows 7 Beta or RC from a torrent site when Microsoft is offering it for free, to me that just doesn't make any sense.
  • -5 Hide
    Ridik876 , May 14, 2009 10:23 PM
    Man I wish I could be a a 733t haxor pirater. It means I'm so tech savvy and am uber and smarter than everyone who pays for their software. I guess it is due to this elite knowledge of mine that I'm trying to pirate free software. Good job.
  • 4 Hide
    crisisavatar , May 14, 2009 10:28 PM
    GeibysI don't get why people would download the Windows 7 Beta or RC from a torrent site when Microsoft is offering it for free, to me that just doesn't make any sense.

    RC wasn't out then
  • -5 Hide
    thundercleese , May 14, 2009 10:34 PM
    Goddamned leeching bastards. Oh, and dirty apes too.
  • 4 Hide
    Sicundercover , May 14, 2009 10:38 PM
    crisisavatarRC wasn't out then

    Well it was but only to those who had a developers account at MSDN. There are actually 3 versions of the RC floating around out there. One is a Russian release , one from China, and one uploaded by a person who downloaded it from MSDN.

    Its all a matter of what circles you run in I guess.
  • -3 Hide
    IronRyan21 , May 14, 2009 10:48 PM
    Quote:
    I don't get why people would download the Windows 7 Beta or RC from a torrent site when Microsoft is offering it for free, to me that just doesn't make any sense.


    Seriously.... people are DUMB! Hmm let me get a pirated copy of win 7 RC because its soooo expensive.
  • 0 Hide
    doomtomb , May 14, 2009 11:03 PM
    GeibysI don't get why people would download the Windows 7 Beta or RC from a torrent site when Microsoft is offering it for free, to me that just doesn't make any sense.

    I agree. If I want Windows 7 RC, which I have, download it from Microsoft direct. Why would you want to go to a torrent site and allow someone else to have their hand in it, compromising security.
  • 4 Hide
    SAL-e , May 14, 2009 11:04 PM
    I can't believe how brainwashed some people are. BitTorrent is not equal to piracy. Many people use BitTorrent because is the most efficient method to download.
    This is primary example how hackers are taking advantage of Microsoft's stubbornness not to provide official torrent file and ignorant users that for some very important reason, I am sure, can wait for official release of RC to the public.
  • 2 Hide
    tpi2007 , May 14, 2009 11:08 PM
    GeibysI don't get why people would download the Windows 7 Beta or RC from a torrent site when Microsoft is offering it for free, to me that just doesn't make any sense.



    Yes, it makes no sense at all. I don't mean to insult anyone, but those people who just couldn't wait a few more days before the RC was available to the general public and instead went to get it from a torrent had it coming.

    Patience is getting scarcer these days...
  • 0 Hide
    IronRyan21 , May 14, 2009 11:13 PM
    Quote:
    I'm not worried despite having downloaded it through torrents./quote]

    Wow, couldn't wait for a few days. Had to have it. This is the same mindset as the other idiots who downloaded through torrents. It wont happen to me! I'm 1337.
  • 4 Hide
    Anonymous , May 14, 2009 11:16 PM
    Piracy issues aside, consider the idea of medium distribution. Bittorrent technology offers a superior method of distribution than downloading directly from a single source (e.g. Microsoft's servers). Perhaps if Microsoft were to offer the download of Windows 7 via Bittorrent, there would be no need to have a 3rd party torrent release.
  • 0 Hide
    Anonymous , May 14, 2009 11:28 PM
    Such huge downloads should be available via torrent, it is cheaper, fast, resumable and chunks are automatically verified using checksums. Most of the torrent clients have also some options to download in background when network is idle. I got the image directly from Microsoft, if they gave me a torrent I would have preferred it over direct download.
  • 3 Hide
    tpi2007 , May 14, 2009 11:33 PM
    kami3kWell considering how it was torrented 100,000s of times and so few bots are appearing, yea I can put two and two together and say I'm safe. And how are we idiots be downloading through a better medium then pretty much any other?



    When you're downloading the ISO from Microsoft you a have a much higher degree of certainty it won't have a trojan inside. Besides, almost everyone I asked here on the first day was experiencing very decent download speeds from Microsoft. I got 770 Kb/s on the 34-bit version and 850 on the 64-bit. Some people were getting as high as 2 Mb/s. And this was on the first day! Besides, Microsoft says there is no need to hurry.

    Why would you resort to a torrent when you can get it safely from Microsoft? If I didn't manage to download it on the first day I would wait a couple of days. What's the rush ?

    Getting it ASAP through a torrent isn't worth the risk in this case where you have a viable alternative. Leave torrents for other stuff.

    In my humble opinion there are two things that are not worth getting through a torrent, or pirated (not that one is necessarily connected to the other, and I'm not being ironic) - the Operating system and a security suite /antivirus/firewall/anti-spyware. In these core areas it is better to get it preferably from a trusted source.
  • -1 Hide
    touchdowntexas13 , May 14, 2009 11:56 PM
    Yup i was averaging around 3 Mbps. Got it downloaded, burned, and installed within a very short time span (an hour i guess?). No trojans either. A lot faster than i thought it would take that's for sure.
  • 4 Hide
    mcbowler , May 15, 2009 12:01 AM
    My PC is a virus infected whore.
  • 2 Hide
    hemelskonijn , May 15, 2009 12:15 AM
    What else is new ? ... i think this article should be common sense specially if its posted on a tech web as opposed to i don't know Kosmo-Girl !
  • -2 Hide
    IzzyCraft , May 15, 2009 12:22 AM
    Good lol it's what they get. I don't trust this site microsoft.com what's that imma go with this torrent that a few people scanned with a random anti virus and said it's okay...

    Lol also at the people saying i don't trust active x from microsoft.com but I'll trust a random plug-in for firefox every time! Guess what update your IE and it's one of the most secure browsers around just don't go around saying yes to every warning it gives.

    Anyone that resorted to downloading a torrent on a free public rc that microsoft hosted that is bound to be faster then a torrent and more secure needs some education on how the Internet works.
  • -2 Hide
    silversurfernhs , May 15, 2009 12:35 AM
    see, when the tubes clogged i was downloading at 215k on an 18 meg connection, so i torrented it and both versions were hitting 2.5 megs a second. thats my first reason; my second reason is because there were legitimate versions (which i downloaded) and it was out earlier than the Technet and MSDN.
  • -2 Hide
    cadder , May 15, 2009 12:41 AM
    You have to have a windows live passport account to log into microsoft.com and download. I don't have such an account so that was as far as I got. Nowhere on the download page did it explain how to sign up. I wasn't really interested in getting 7 so I didn't pursue it further, I just didn't believe that just anybody could go to microsoft.com and hit the download button so I thought I would check it out.
  • 2 Hide
    touchdowntexas13 , May 15, 2009 12:47 AM
    touchdowntexas13Yup i was averaging around 3 Mbps. Got it downloaded, burned, and installed within a very short time span (an hour i guess?). No trojans either. A lot faster than i thought it would take that's for sure.


    probably should have mentioned i was downloading through microsoft
Display more comments