Security researchers at Damballa report shutting down the command and control server of a botnet built by a Trojan bundled with pirated copies of Windows 7 RC. The Trojan is believed to have infected thousands of users.Attackers pushing pirated, malware-laced copies of Microsoft's upcoming Windows 7 operating system have been actively trying to build a botnet.
According to researchers at Damballa, attackers hid a Trojan inside of pirated copies of the operating system and began circulating them on BitTorrent sites. Damballa reported that it shut down the botnet's command and control server May 10, but by that time infection rates had risen as high as 552 users per hour.
"Since the pirated package was released on April 24th, my best guess is that this botnet probably had at least 27,000 successful installs prior to our takedown of its CnC [command and control] on May 10th," said Tripp Cox, vice president of engineering at Damballa.
Targeting users through pirated software is nothing new for hackers. Earlier in 2008, for example, attackers sought to build a Mac botnet on the backs of users of pirated versions of iWork '09 and the Mac version of Adobe Photoshop CS4.
Even aside from the malware threat, piracy is big business. A joint report by the BSA (Business Software Alliance) and IDC estimated software companies experienced $50 billion in losses in 2008 due to piracy.
In the case of Windows 7 RC, pirated copies were leaked on BitTorrent sites with a Trojan horse that, once downloaded, attempts to install a bundle of other malware on the infected machine. Blocking infections is tricky, as many anti-virus tools do not yet support Windows 7 and the operating system is infected before the tools can even be installed, according to Damballa.
"We continue to see new installs happening at a rate of about 1,600 per day with broad geographic distribution," Cox said. "Since our takedown, any new installs of this pirated distribution of Windows 7 RC are inaccessible by the botmaster. The old installs are accessible. The countries with the largest percentage of installs are the U.S. (10 percent), Netherlands (7 percent) and Italy (7 percent)."
| | Reader Comments: Pirated Windows 7 Builds a Botnet With Trojan | | >>> Post your comment now!
| | The Real ProblemThe real problem with computers are the users. Most people don't want to be bothered with tech, they just want it to work. If people actually... Posted At: 12-03-09
By: SUDO this... | | | | | | Arrrggghhh!If you download Pirated goods, expect Pirate results. This is not fake or new. A buddy of mine, just downgraded to vista, I mean windows 7 Ultimate... Posted At: 12-03-09
By: Captain Ahab | | | | | | FakeMS can do everything to keep people away from w7 !
so this news looks really fake !! yeah scary people dont download from BT lol Posted At: 05-16-09
By: Bill | | | | | | Nothing to see hereThis article would be more believable if it had some facts in it, like the name of the "Trojan." I downloaded 4 separate torrents as well as the one... Posted At: 05-16-09
By: Diogenes | | | | | | Security????????"Apple's Security Update 2009-002 is a massive patch batch that plugs more than 60 vulnerabilities in OS X and software designed for the Mac" Seems... Posted At: 05-15-09
By: Anonymous | | | | | | Re:DittoheadActually...don't care much for Rush...but thanks for proving my point. You can go back for another gulp of Kool-aid now. Posted At: 05-15-09
By: Active and Useful Brain | | | | | | Ditto HeadGo pound sand in your arse and turn the dial. Rushbo the pill popping hypo-critical bigot is on. Posted At: 05-15-09
By: Anonymous | | | | | | >>> Post your comment now! | | | | | |
|
 |
/ 16 
(Sponsor)
(Sponsor)
(Sponsor)
Security Hardware & IT Security Software 
