Google Blocks Demonoid for Spreading Malicious Software

News

In one of the harshest moves a search engine can take against a site, during the past few hours Google flagged torrent site Demonoid as likely to harm users' computers. After arriving at the conclusion that malicious third-party ads had caused the problem, Demonoid responded by disabling every single advert on its site until further notice.

demonoidIn recent months, entertainment industry bodies have been working hard to ensure that companies become more aware of where their ads are being placed, with the aim of strangling site finances and eliminating any idea that brands are in partnership with pirates.

Just recently the tactic branched out into describing most leading pirate sites as malware havens, a claim that some described as exaggerated. However, during the past few hours a pretty big and related drama hit semi-private torrent site Demonoid.

After being off-air for 20 months after hosting trouble in Ukraine, the site relaunched this March. Former members of the site were pleased to find that their old logins worked and ever since the site has been trying to get back to its former glory. Yesterday, however, problems with third party adds provoked a harsh response from Google, one that continues today.

Those searching for Demonoid are currently warned in search listings that “This site may harm your computer” and even those who choose to ignore the warnings aren’t allowed to access the site via Google. Instead they are diverted to the following page:

Google-demon

Google’s advisory reports that after checking 59 pages on the site during the past 90 days, 7 pages resulted in “malicious software being downloaded and installed without user consent”, something likely to worry most users.

Google goes on to report that the malicious software in question was hosted on another domain – adv-inv-net.com – and further investigation reveals that the site is the source of a huge number of problems.

According to malware analysis the Romanian-hosted domain carries 177 exploits and 2 trojans, which together have led to the infection of not only Demonoid, but more than 2,000 other sites.

adv-attack

Aware that Demonoid along with thousands of other sites had been blacklisted by most search engines and web browsers, Demonoid’s operators announced that all advertisements would be removed from the site until the problem could be identified.

“We run content from a lot of ad networks in our ad banners, and a lot of banners from each,” the management team said in an announcement.

“One of those banners started serving malware, so we disabled all ads until we are 100% sure of the culprit and get it removed. We are also taking the proper steps to get us out of all the blacklists.”

This latest advertising controversy comes just a week after the publication of a report which claimed that 90% of the Internet’s top 30 “pirate” sites contain malware, “potentially unwanted programs”, or items designed to deceive.

While seemingly not Demonoid’s fault in this instance, one has to question if these kinds of malware events will become more prevalent in the months to come. With entertainment industry companies scaring away advertisers, options for torrent and streaming site operators to do business with ‘up-front’ ad networks are likely to narrow, forcing them further into the arms of those who carry the kind of junk experienced in the past 24 hours.

Photo: Michael Theis

Tagged in: ,

Share this post

Share on Google+

You May Also Like

c There are 78 comments. Add yours?

comment policy