TrafficLoader.com to Infect BitTorrent Users with Malware
Written by enigmax on August 09, 2008A new BitTorrent site has appeared which will allow scammers and spammers to infect its users with spyware, malware and viruses. An admin of TrafficLoader.com says that no bad torrents will ever be removed from the site and is inviting people to upload malicious software to infect torrent users.
Here at TorrentFreak we get a few emails each week announcing the arrival of new BitTorrent sites but there are so many, we can’t possibly write about them all. Instead, due to time limitations, we write about ones which are topical in some way or offer some interesting or unique features. Today we report on a new torrent site which does indeed have an interesting feature, although most won’t appreciate it.
One of the main drawbacks of using P2P software such as Limewire, is that the content on the network (Gnutella) is unmoderated – anyone is free to put up whatever they like, be it music, movies or TV shows. Of course, others use this lack of moderation as a green light to upload viruses, spyware and other malicious software. Equally, one of the great strengths of BitTorrent (at least from a harm-reduction point of view), is that .torrent files are uploaded to torrent sites where staff work hard to filter out as much of the malicious software as they can, making BitTorrent relatively malware-free.
Of course, this great system falls apart if you can’t trust the people running the site. People expect anti-pirates like MiiVi to be ‘the enemy within’, but who needs those when you have ‘friends’ like the guys at new torrent site, TrafficLoader.com.
TrafficLoader.com (and its forum, pdls.info) hasn’t been setup for the benefit of BitTorrent users, it will be used by spammers, scammers and virus peddlers to spread their malicious software among the community (and make money off it). One of the admins called ‘Satty’ says that no registration is needed to upload torrents to the site and none will ever be removed. The site does have a notice – ‘Viruses, spyware, affiliate links and everything related is strictly prohibited’ but don’t believe it – Satty says these rules don’t apply to his friends in the PPI (Pay Per Install) community.
A few days ago the site was pretty bare with relatively few torrents and it was clear that most of them contained malware. It was suggested to Satty that it might be a good idea to have some genuine torrents too, to help disguise the bad torrents. Now things are starting to ‘improve’ on the site with many more torrents added recently which don’t immediately appear to be malware.
In the last few days, TrafficLoader cosmetically ‘cleaned up’ the site to remove porn adverts in order to appear more genuine but unfortunately, someone as well as TorrentFreak noticed that they made a big mistake:
“Why would you [Satty, admin] put a forum for ppi on a publicly scraped site, a.k.a here?? Do you just want ppl to find out shit is full of malware?”
Just in case they did want people to find out, hopefully this post will help them get the word out.
For those that want advice on how to avoid bad torrents in the future, try one of our guides.
Update: The site was taken offline a few hours after this article was posted, that’s our good deed for the weekend.
Previously: African Drug Cops to Go After Pirates
Next: The Pirate Bay Blocked in Italy
98 Responses
I literally don’t understand the principles behind this new site. It’ll die within 2months.
No one will use it and it will die pretty soon.
keep spreading the word TF, experienced p2p users will be well protected but i feel sorry for the noobs out there that will get there experience ruined. its bad enough havin to watch ya self from the big corporate dicks but to have sites doing this is ridiculous. lets hope it dies as quick as it started.
Aww, I was kind of disappointed.
I thought this was a bittorrent site dedicated to hosting malware. I was going to bookmark it in case I ever needed to find a virus.
Someone should create that.
Maybe it’s creators are just bored malware distributers, who want to have some fun?
I really couldn’t think of any other reason, given that they are still able to use their brains…
Looks like we found the proverbial bad apple in the barrel… wanna bet the RIAA/MPAA/Sony etc will use their service to upload a couple of anti p2p trojans/rootkits/viruses etc themselves?
Think about it, am giving good odds ;-)
Why would you need a virus….are you that big of an idiot that you have to be malicious at others…
Didn’t your mama teach you to be nice.
… and their logo (and background) colors look very ‘Demonoid’!
Looks like a ripoff of demonoids site.
Anyone smell a DDOS?
no registration? none will ever be removed?
not only malware authors but child molesters must love this site… another form of upload that I do not miss stumbling in torrent sites
I Hoped All The People Who Run TrafficLoader.com All Die. They Wont Be Around Long When The Hackers Take Then Down LoLL. I Hope To See These C*nt’s Get Ruined Soon Hopefully :)
Whats the I.P. ?
look it up
Eh, I kind of see this as more of a site for people who already have a botnet. You can upload a torrent of an updated code or something and let all the infected computers seed it so after you infect someone else you can point it to the torrent and say “download this file, then run it”. Granted some people would use it to infect people but it seems like if I wanted to update thousands of computer this could be of use.
well we can do something here, i’v been uploading torrents there with the name this site is shit etc etc
and will continue to do so untill i get ip banned, then i’ll reboot the modem :P
Guys WAKE UP!
This site was created to look real, its just using the demonoid template.
These spammers thought it was easier to make their own site to upload fakes to as they keep getting removed from Mininova & TPB
These guys should be shot in the head!
what did he mean by making money out of it….if he is publicly saying that there are malwares uploaded…wouldn’t the visitors drastically decrease……wierd tactics,really wierd
torrentini.com is also a trap of mpaa like miivi.com
according to whois.domaintools , IP Location of torrentini.com is the same as the one of miivi.com – a ‘fake’ site of MPAA’s Media Defender to catch pirates : Arizona – Scottsdale – Godaddy.com Inc .
http://whois.domaintools.com/miivi.com
http://whois.domaintools.com/torrentini.com
I only use torrents for trojan spreading purposes. :-)
HHMMMMMMMMM……
i think i good DDOS attack sounds in order for these PRICKS……..
Will this affect private sites?
No?
Then let the n00bs burn.
OMGZ!!! THEY HAVE THE DARK KNIGHT DVDRIP ON THE SITE!!!!! OMGZ!!!!
lol.
Who would this honestly fool?
well chit
Alert! Anti pirates detected. Writing nonsense as usual with their dinosaur-sized brains.
Please clean up the garbage symbols that are flooding this section. Thank you.
Ignore and let this failship drown.
“your ad here for free”? odd.
Is this Mediadefender’s MiVii replacement?
TrafficLoader.com: When people understand why Windows sucks (my left ball)
it doesnt have to be a successful site, just getting a couple PPIs a week is enough for them to keep it up forever every little bit of money helps, and while i don’t condone this site or think that its cool at all, i do understand that: people have to pay bills :(
no, this is awesome, I run a computer repair shop and a bunch of retards always call me and ask “where can i get free movies and music” i’m going to reccoment trafficloader.com
This Account Has Been Suspended
Please contact the billing/support department as soon as possible.
————————————-
Appers to be shut down!
Perfect!
This one jerkoff at work is already in trouble for overuse of the ‘net when he’s supposed to be working. I’ll have to make sure he finds out about the ultracool torrents this site hosts. ^_~
It’ll probably take clean installs for them to get all the malware off.
“This Account Has Been Suspended”
BWAHAHAHAHAetc…
Still, I hope s/h/it dies slowly – in excruciating pain. Tossers like this are ruining our (tino) nets.
This Account Has Been Suspended.
Crash and Burn.
omfg thse ppl are sad fucks . if i had money i would donate it to the person that ddos them 1st lol . infact , we should set up a new section of this site , see who can ddos them the most times lol . fucking sad pricks just kill p2p . there are so many sites working so hard to keep it safe for us , then there are wankers that just screw it all up . well anyway nice work torrent freak for uincovering there bullshit . i hope you all rot and die .
TrafficLoader.com
We all know what must be done…
whaddafool….
Wonder how long before the media industry use this an example of how P2P is a tool only used by virus spreading, paedophile terrorists.
Thousands of public trackers have died before, and they were TRYING to keep their service clean. Why will this one survive?
site will die within 2 month from the torrent users that will DDOS the site due to gives bad name to other sites that do great job keeping clean files to give out to the users
Its gone down!!!
haha looks like there host has fucked them off.
V-Bombs sent. Now waiting for results. Enjoy!
homo,s creating a bittorrent site to index shite? ddos the whores and be done with it. BAH
40 Aug 09, 2008 at 18:49 by Friend of Zero1Kool
V-Bombs sent. Now waiting for results. Enjoy!
good job bro ;)
SPAM NEWS assholes
someone send it to 4chan or something and have everyone attack it
thank god i’m on a mac
noobs deserve to get infected… and those who infect noobs deserve to be paid for making the internet a better place.
The problem is, other sites like the TPB may host some of their stuff even if for a short time. People may add the trackers for this site on there.
I dont know how many times I see something on the TBP labeled as trojan or virus by users in the comments.
Altho the talent at the TPB will catch the trackers I am sure, I think it will be some time before that gets implemented. Lets hope we as a community can make it possible to stop this.
I reported their website to the webhosting community. Good that they removed that shit site.
—————-
Hi there,
We do not allow torrent sites on our hosting, not to mention bad torrent sites.
This account has now been suspended.
Regards
—————
http://byet.net/showthread.php?t=8033
trafficloaders just taken down. Why host child p**n torrents! Sickos!
“We take these matters seriously, and have actioned a suspension of this account immediatly based on the content violations , viri content, etc ,etc.”
So basically keep using the trackers I use now and if I go public make sure to avoid specific torrent tracker URLs and what not.
Someone should work on a fix to scan this site and compare torrents on their trackers to remove the same files from other trackers… a black list as you might put it.
I DID TALK WITH A FRIEND IN ITALY
TODAY, HE TOLD ME THAT ALL ITALIAN ISP’S RECEIVED AN ORDER TO SHUT DOWN ALL ACCESSIBILITY TO THE PIRATE BAY FROM ITALY TO THE SITE TPB.
NOW YOU CAN ACCESS IT ONLY VIA PROXY.
CHINA IS NEAR…… NOT ONLY
WITH THE…….OLIMPIC GAMES !!!!!
The site is already down. So I guess it’s no longer a problem.
i have this di*ks email adress, GOT SPAM??…lmao!!!
First, I want to clear that I never invited ppl to uplaod virus/malware or child porn torrents. I am too against them. Maybe you know or maybe not.. I just invite some of my friends to place their PPI links. PPI is not a virus.. its only use for ads purpose, that’s all. But you guys take me and my site wrong. Thats all, I wanna say.
You can check zangocash or vombacash for what is PPI (pay per install)?
sites done. stoep postin wit ur bad grammr go red a buk
Its funny thing Satty, I read your posts on pay-per-install.org before you deleted them and its not quite as you claim! and please thank your ppi “friends” for letting up know about WinRAR.
You can see he removed all of his posts on the forum. Too bad google cached them already.
http://209.85.215.104/search?hl=en&q=cache%3Ahttp%3A%2F%2Fwww.pay-per-install.org%2Fpay-per-install%2F1530-our-first-torrent-site.html&btnG=Search
maybe, you didnt read this “I am not saying to make it popular trough PPI members. Its just to know you all.”
and maybe I was dreaming when I read your post about the disclaimer not allowing viruses etc only applying to outsiders and not for your ppi “friends”
Scatty
and if you are so innocent Scat Man why did you delete your posts?
site is closed now. So, I think there is no issue now.
@ Diablo (#17)
Make money meaning things such as adware that attempts to sell you antivirus software to remove other viruses. Kinda like the insurance company setting your first house on fire, then when you move into a new one, attempting to sell you fire insurance.
On another note, thanks for the heads up TF, glad this stuff is taken out of the community before it causes too much of a problem.
“site is closed now. So, I think there is no issue now.”
nope none what so ever….
now back to SAFE torrenting…..
awwww what, i like viruses i play with them in Ubuntu there so cute i even give them names :D
Maybe when you explain why you deleted your posts, why you created your site to deceive people into downloading infected shite and your “friends” cease your activities we can consider the issues closed.
whew they epically failed. big time.
I am human being.. am just was afraid, that y i deleted all posts.. nothing else.
and the site was created to make some money from advertisements
“afraid”? I put it to you that you know what you are doing is wrong and when you got caught red handed, you attempted to cover your tracks and mislead people by making false claims here, in a pathetic attempt at self preservation. Bearing in mind I did read all your posts before you deleted them would you like to answer my question about your motivation for creating the site in the first place? and maybe comment on your post regarding the no virus etc rule?
GTFO, cowardly netfilth.
wake up white people
I heard that MiniNova site is making much money from advertisements so do I, nothing else, really. Believe me. I joined zangocash who pays for per install via per country. I want to advertise their free content etc. at my site and some other sites banenrs like adbrite or so, thats all and never thought anything else besides it. you can see there are lots of sites who pays for pay per install including zango etc, so only motivation is about that.
How about….get a real job rather then sitting on a computer all day trying to make money off “noobs”
To me, if you create a site with the intent to immediately to make money, then you should have your internet cut off.
Make a site to help and provide to others. Ad here or there? Fine, but when you bog a site down with ads, malware, adware and everything else to make some fuckin’ money….come the fuck on, get a real job.
Ok so you say your motivation was purely for the money (which contradicts the torrent ethos) can you explain why you were happy for your ppi “friends” to post torrents that contained viruses?
The difference between MiniNova and what you did, is the mininova people didn’t set the site up to allow their friends to infect peoples computers with unwanted shite, in the attempt to generate money.
“there are lots of sites who pays for pay per install”
If I were to ask you to help me kick someone in the balls would it make it ok because I asked you to help?
Can you not see what you and the ppi community are doing is wrong?
Now these Pay-Per-Install wankers are deleting all posts that disagree with their malware-selling wank. Pay them a visit & let them know how you feel about them saying shite like this:
“Why are now all those fu*ktards from torrentfreak registering here? Just to tell us how unethical we are and that we’re criminals.”
http://www.pay-per-install.org/pay-per-install/1530-our-first-torrent-site.html
REMEMBER: They want to poison YOUR torrents with spyware, viruses, trojans & the like…
@ 78 so much for 140cOps post regarding what we were going to do without “shiteware”
Just in case he deletes it:
“Ok, cock smoker, let’s see what your cyberspace friends from the ’scene’ can do to this site.
Oh, and without involving a botnet or DDoS attack because I think those are also classified as “shiteware”.”
I call on all loyal TF, P2P, Usenet, & Scene soldiers to rally round & do all they can to initiate an ‘Internets Death Penalty’ on these malware-peddling assholes.
Let’s see if we can rid ourselves (tino) of these cancerous tumours growing out of the nets’ sweaty butt-hole…
quick whois shows
http://www.who.is/whois-com/ip-address/trafficloader.com/
@78, Cardinal Felchboi
So they’re whining and slandering their betters, licking each others’… *ahem* wounds?
Good. Never interrupt your enemy when he’s in the process of destroying himself. If they’re stupid enough to think that their circlejerk means people support them, let them keep thinking that.
This Site is a waste of bandwidth on the net some one complain on Dig.com and get a person to DoS these Sh*heads
So, malware– can you put this in terms us Ubuntu and Mac users will understand? Like, are the files corrupted or what?
OMG I freaking HATE Malware. Whats up with the idiots that constantly come up with stupid Malware!
JT
http://www.Ultimate-Anonymity.com
OMG I freaking LOVE Malware. Wats up with teh idiots that constantly download and install Malware onto their computers?
DA
http://www.Imanoob-faggot.com
I have reported the forum to the host due to the content of the forum and the alleged torrents of child porn hosted on the indexing site, which was set up by the users of the forum.
I will report back if/when the host gets back to me. Hopefully we can get the forum closed without anyone resorting DDos attack.
If these scumbags are into watching child porn or worse hopefully they will get locked in a cell with Mr Big till they die.
Lucky Havingfun has not deleted his posts, yet. Please see:
http://www.pay-per-install.org/pay-per-install/1530-our-first-torrent-site-2.html
post 13 this has a quote of part of Satty’s post (number 10) advising that the rules don’t apply to his “PPIer” friends:
“heheheeeee, sapmi, thats for other, not for PPIer”
this was in response to sapmi’s post (number 9)
“”Viruses, spyware, affiliate links and everyhing related is strictly prohibited”
lol…
just an observation”
cache of his posts
http://209.85.215.104/search?hl=en&client=firefox-a&rls=org.mozilla%3Aen-US%3Aofficial&hs=b2M&q=cache%3Ahttp%3A%2F%2Fwww.pay-per-install.org%2Fpay-per-install%2F1530-our-first-torrent-site.html&btnG=Search
I wish i could point and laugh at their faces.
*linux powered*
>:)
OK, being a MOD myself, I’m a bit ambivalent after reading this story from TF and reading for example some comments at the link enigmax provided.
For one I hate those scammers and kill them (their useraccount i mean here only!) and their infected torrents when ever I spot one on TPB.
On the other hand, I do read the rationalisations of some of those guys they use to justify their part they play in this complex “game” in those comments they wrote in response to some of TF readers comments. And I must admit from a pure logical point I think I can understand those guys someway!
They argue since people are “stealing” the software it’s those people own fault when they get infected by the shit those assholes bundle the software with.
(I like the reference to WinRAR they make.[I do hope the search results on TPB for that one are mostly clean!!]
If those that “steal” it
-instead of downloading from the creator and paying him something for the creation or using those moneyfree alternatives that are at least also able to EXTRACT the rared files-
do get infected because they downloaded software from unknown, not trustworthy sources then I don’t feel too much pity for those uneducated guys. (I do hate that they add one more zombie into the army of hijacked “not your PC anymore” machines!)
Even Microsoft warns you in their “10 Rules” not to run software/or eat sandwiches from strangers!
SO if you guys think you need Winrar instead of money free alternatives like 7zip or IZArch and you think accepting the software not from the official vendor is OK and something you should do, THEN AT LEAST BE SO SMART AND GET IT FROM “TRUSTED” SOURCES!
On TPB those guys that are trusted some way are the ones with the icon beside their username. Somehow those managed to earn the trust of people involved with TPB. So if you trust the later that they only trust trustworthy people with the “greenie skull”, then at least you observe Microsofts Sandwich analogy. And if you are in the “stealing” of executable programs instead of TV-shows or musicfiles (Beware of Windows Audio though!) you can then be a bit more calm that you will not hand over your machine to guys like those people that try to make money out of you by “stealing your PC”.
[nothing in this comment ... You know the disclaimer already if you have taken in the past some of the few non executable musicfiles I distributed without the blessing of the Leistungschutzrechteinhaber.]
The site is run by a long time gay scam artist Dave Harrison, who calls himself “Harro”
He tried to scam people earlier.
gizmodo(dot) com/gadgets/breaking/false-hacker-poses-as-iphone-dev-team-unlock-author-tries-to-grab-41560-donation-298473.php
Now he runs this retarded site infecting people with spyware.
Its time someone brings this asshole down.
DDOS his fucked up site, pay-per-install(dot)org
And his info in case anybody wants to flame him is
Dave Harrison
Shamrock Court
Belfast
BT6 8HT
His mugshot:
mylot (dot)com/w/image/1305452.aspx
Phone:2890502612
Email:harroinc (at)gmail.com
makecash(at)ntlworld.com
Other associated sites
blackhatworld(dot)com
makecash(dot)org
Hi, I make $140/day infecting people with adware. I outsource most of the work to India, so I average about 2 hours/week and Net $130/day.
Lick my nuts.
Now that same group of PPI’s will relaunch it as something else, and not talk openly about it in public forums. Damn it’s gonna be harder to catch ‘em the second time around.
be forewarned this is how sony got access to the software to make the rootkit that affected millions
do not give them free knowledge.
WE AINT HERE TO EDUCATE STUPID CORPORATE BUMS
@#93
1 – $140/day
2 – $130/day
Make your mind up, lying fukcweasel…
=]
Wat say we collectively ddos the site at a specific time ? That’l cripple their servers to hell !!
Just because you don’t like private trackers doesn’t mean you’re a newb genius it means you’re too lazy to register for anything especially when it’s hardly EVER necessary
Responses are closed
All remaining responses will continue to be archived. Use the TorrentFreak forums if you want to discuss something.