Did hacking group LulzSec go for one last prank before shutting down its operation under the Lulz Security name? That’s what the folks over at StopMalvertising are claiming.
When the group announced on Twitter and Pastebin that it was ending its 50-day hacking spree, it linked to a torrent at The Pirate Bay to a 600-plus megabyte file containing information about some of their last attacks and documents allegedly taken from wireless giant AT&T about the planned construction and rollout of its LTE network. There was also a folder called “BootableUSB” amongst the AT&T documents.
That directory apparently had an infected file called WinRar v3.71.exe. WinRAR is a legitimate Windows compression utility. What was in the BootableUSB folder was not a real WinRAR file, but malware pretending to be a helpful tool. There were other tools in the directory, such as Foxit Reader for reading PDF files and VLC for playing media files/
The directory contains “trojans and worms and all sorts of nasty things that no one in their right mind would want,” All Things D reported. Even if all the other files are legitimate, just the fact that WinRAR is not makes one wonder about LulzSec’s motivations for that torrent.
Pirate Bay has deleted the infected torrent and Anonymous has provided a link to a clean torrent from its Twitter account.