A new trend is surfacing, as spammers have sent out millions of emails targeting BitTorrent users. The emails, that claim to come from MediaDefender, warn the receiver that he or she has been logged using BitTorrent and points them to an attachment supposedly containing evidence, but which is in fact infected with a virus.
Over the years BitTorrent has attracted some shady figures. We’ve reported on malware ridden BitTorrent clients and media players, a BitTorrent site that infects its users with spyware, and several other scams.
Although most scams can be avoided easily when a few simple rules are followed, they still manage to trick thousands of novices every day – and this is not going to end anytime soon. Since BitTorrent has become more or less mainstream, with millions of users worldwide, it also proves an interesting target for email spammers.
The latest scam, unlike the others we have reported on before, is one that is sent by email. The email is disguised as a message from the anti-piracy company MediaDefender (using their logo etc.), and warns the recipient that his or her download behavior has been logged. The email has a report attached with more details about the infringed material, which turns out to be a virus (A Mytob worm which installs a trojan, and allows outsiders to gain access to your computer).
Pirate Spam Email
Your recent internet activity was logged on the following sites:
We have attached a report about the copyrighted movies, music, softwares you
downloaded or searched on these webpages. We strongly advise you to stop any
future activities regarding the downloading of illegal content or you can
expect prosecution by 17 U.S.C. Â§Â§ 512, 1201?1205, 1301?1332; 28 U.S.C. Â§
To the more experienced and BitTorrent savvy users it is clear that the email is a scam. First of all, MediaDefender has never been involved in anti-piracy enforcement. The only thing they do is spoofing, flood BitTorrent sites with fake files, and the occasional DDoS attack on Revision3.
In addition, the email claims to have data on what the user searched for on the sites, which is irrelevant and practically impossible. It seems that the spammers should have done some more research on the topic. A good spammer would have included The Pirate Bay in the list of sites instead of Getinvites, which is a BitTorrent invite trading site, and not a search engine
A related scam email, sent out by the same group of people judging by the style and format, is also targeted at filesharers and threatens to suspend their Internet connection. The email claims to be sent by the Internet service provider consortium, and again includes an infected attachment with a report.
The email is a clever scam that shows how mainstream BitTorrent has become. The emails are sent out randomly, but many recipients, scared by be cut off by their ISP, or sued for downloading copyrighted material, might open the infected attachment without realizing that it is a scam.