Torrented Windows 7 RC Builds Botnet

News
By Kevin Parrish
published

Researchers at security firm Damballa said that an infected, pirated version of Windows 7 Release Candidate created a botnot spanning around 27,000 controlled bots.

Researchers at security firm Damballa said that an infected, torrented version of Windows 7 Release Candidate created a botnet spanning around 27,000 controlled bots. The firm said that the hidden Trojan infected thousands of users when the software first began to circulate BitTorrent sites on April 24, spreading at a rate of "several hundred" new bots per hour, maxing out (so far) with as many as 552 users per hour. However, Damballa managed to knock out the devious botnet's command and control server on May 10.

According to the firm, the clever little Trojan performed its magic immediately after users downloaded the Windows 7 RC. Once situated on the hard drive, it locally installed a bundle of malware. The Trojan was virtually immune to anti-virus tools because many solutions still do not support the new operating system, thus leaving end users wide open for infection. With that said, the computer was infected before the consumer could locate and install compatible tools. Unfortunately, the problem hasn't been solved on a permanent basis.

“We continue to see new installs happening at a rate of about 1,600 per day with broad geographic distribution,” said Tripp Cox, Damballa's vice president of engineering, in a statement. “Since our takedown, any new installs of this pirated distribution of Windows 7 RC are inaccessible by the botmaster. The old installs are accessible. The countries with the largest percentage of installs are the U.S. (10%), Netherlands (7%), and Italy (7%).”

The firm didn't specify as to what the botmaster plans to do with the current network, if anything at all. However, botnets are typically used to distribute spam email, phishing schemes, retrieve personal information via spyware, or carry out denial-of-service attacks. Conficker is probably one of the more popular botnet names as of late, with an estimated 10 million bots currently in its network, and a spam capacity of 10 billion per day. Another botnet attempted to build a kingdom earlier this year through pirated versions of Adobe Photoshop CS4 (Mac version) and iWork '09, although that attempt was eventually thwarted as well.

Ultimately, users interested in obtaining the Windows 7 Release Candidate need to steer clear of BitTorrent websites or other P2P distribution applications. Instead, consumers can obtain the OS safely by heading to Microsoft's website. The RC is free to download, and will stay active until early next year.

Kevin Parrish
58 Comments Comment from the forums
  • Geibys
    I don't get why people would download the Windows 7 Beta or RC from a torrent site when Microsoft is offering it for free, to me that just doesn't make any sense.
    Reply
  • Ridik876
    Man I wish I could be a a 733t haxor pirater. It means I'm so tech savvy and am uber and smarter than everyone who pays for their software. I guess it is due to this elite knowledge of mine that I'm trying to pirate free software. Good job.
    Reply
  • crisisavatar
    GeibysI don't get why people would download the Windows 7 Beta or RC from a torrent site when Microsoft is offering it for free, to me that just doesn't make any sense.RC wasn't out then
    Reply
  • thundercleese
    Goddamned leeching bastards. Oh, and dirty apes too.
    Reply
  • Sicundercover
    crisisavatarRC wasn't out thenWell it was but only to those who had a developers account at MSDN. There are actually 3 versions of the RC floating around out there. One is a Russian release , one from China, and one uploaded by a person who downloaded it from MSDN.

    Its all a matter of what circles you run in I guess.
    Reply
  • IronRyan21
    I don't get why people would download the Windows 7 Beta or RC from a torrent site when Microsoft is offering it for free, to me that just doesn't make any sense.

    Seriously.... people are DUMB! Hmm let me get a pirated copy of win 7 RC because its soooo expensive.
    Reply
  • doomtomb
    GeibysI don't get why people would download the Windows 7 Beta or RC from a torrent site when Microsoft is offering it for free, to me that just doesn't make any sense.I agree. If I want Windows 7 RC, which I have, download it from Microsoft direct. Why would you want to go to a torrent site and allow someone else to have their hand in it, compromising security.
    Reply
  • SAL-e
    I can't believe how brainwashed some people are. BitTorrent is not equal to piracy. Many people use BitTorrent because is the most efficient method to download.
    This is primary example how hackers are taking advantage of Microsoft's stubbornness not to provide official torrent file and ignorant users that for some very important reason, I am sure, can wait for official release of RC to the public.
    Reply
  • tpi2007
    GeibysI don't get why people would download the Windows 7 Beta or RC from a torrent site when Microsoft is offering it for free, to me that just doesn't make any sense.

    Yes, it makes no sense at all. I don't mean to insult anyone, but those people who just couldn't wait a few more days before the RC was available to the general public and instead went to get it from a torrent had it coming.

    Patience is getting scarcer these days...
    Reply
  • IronRyan21
    I'm not worried despite having downloaded it through torrents./quote]
    Wow, couldn't wait for a few days. Had to have it. This is the same mindset as the other idiots who downloaded through torrents. It wont happen to me! I'm 1337.
    Reply