The latest in a long line of scams targeting email users is attempting to capitalize on the increasing number using BitTorrent sites.
Targets of the scam receive an unsolicited email purporting to come from notorious anti-piracy company MediaDefender. The email, which is simply addressed “Dear User!” claims the individual has been monitored on any of several torrent sites while engaging in anything from copyright infringement, through to simply browsing the sites.
Of course, citing MediaDefender is a nonsense, since that company doesn’t get involved in anti-piracy warning letters – its specialty was spoofing on BitTorrent networks.
Additionally, most of the sites listed don’t even operate a tracker, so committing any type of copyright infringements on them is almost impossible. Here is the body of the email;
Pirate Scam Spam
Your recent internet activity was logged on the following sites:
hxxp://XXXXX.net/report_78478XX.exe (XX added by TorrentFreak)
We have a report about the copyrighted movies, music, softwares you downloaded or searched on these webpages. We strongly advise you to stop any future activities regarding the downloading of illegal content or you can expect prosecution by 17 U.S.C.512,1201?1205,1301?1332; 28 U.S.C. 4001 laws.
So what is this scam all about? Attached to the email is a logfile which supposedly provides additional information about the user’s infringements, but of course this is a lie – the log is really a virus.
Threat characteristics of ZBot – a banking trojan that disables firewall, steals sensitive financial data (credit card numbers, online banking login details), makes screen snapshots, downloads additional components, and provides a hacker with the remote access to the compromised system. Creates a startup registry entry. Contains characteristics of an identified security risk.
Savvy Internet users will hopefully realize the email is a scam fairly quickly, but hardened file-sharers should smell a rat even earlier due to the omission of demands for money.