With the advent of companies such as Rightscorp, however, demands for cash settlement now regularly arrive via email. While some recipients treat these emails as spam, they are sent by a legitimate company acting on behalf of genuine rightsholders. Whether people should pay up on presentation of a mere email is a personal matter, but there are some instances in which no payment should ever be considered.

During the past several days there have been increasing reports of Internet users in Germany receiving cash demands for alleged copyright infringement. The emails detail alleged piracy offenses on tracks from Jay-Z, R Kelly, James Blunt, Bullet for My Valentine, and metal bands Sepultura and Children of Bodom, to name just a few.

It’s a very big operation indeed. According to lawyer Christian Solmecke, a lawyer who regularly defends in piracy cases, up to 30,000 individuals are affected, with many calling his offices for legal advice.

But while the emails say they are being sent on behalf of a range of rightsholders from EMI, Sony, and Warner Bros. to DreamWorks and Paramount Pictures, drilling down into the details reveals the whole operation as a huge scam.

The ‘settlement’ mails demand between 200 and 500 euros within 48 hours to make potential lawsuits go away. One reads:

This is a warning because of your violation of § 19a of the Copyright Act on 07.06.2014. The music album ‘Bullet For My Valentine – Temper Temper’ was downloaded from your IP address 8.149.94.13 at 3:40:24.

For details see the attached document XXXXXXXXX.zip

As can be predicted from the final line, the real plan is to trick recipients into opening a file apparently containing details about their case, but which in fact carries a suspected trojan.

“It is very likely that the zip file contains a virus, designed to spy on credit card and account information. The floodgates would then be opened to online banking fraud and identity theft,” Solmecke warns.

“For this reason, all users that have opened the ZIP file attachment should check their PC immediately with a virus scanner and install the security updates for their anti-virus software,” the lawyer concludes.

Finally, by including legitimate law firms’ contact details in the emails, specifically companies that are involved in the settlement business already, the scammers are using a particularly crafty technique to come across as genuine. One lawfirm, Sasse & Partner, was forced to issue a statement denying involvement in the scheme.

“The ‘warnings’ are sent under the name of our lawyer Jan Spieldenner. The perpetrator or perpetrators are apparently making use of the fact that our firm regularly sends warnings on behalf of various clients and has thereby acquired a certain reputation. We point out that the warnings provided by us are never sent as a zip file,” the company explains.

Quite how many people will actually pay up on receipt of such an email is unknown, but by sending out tens of thousands it seems likely that a few will. At the full 500 euro rate, just a couple of dozen ‘settlements’ will net a sizable amount of cash – as ‘genuine’ copyright trolls know only too well.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

A few hours ago, certain sections of The Pirate Bay were flagged by Google as containing malware and were subsequently blocked. Similar warnings were shown by Firefox and some virus scanners. Although The Pirate Bay didn’t host any malicious files, the site’s ads were pointing to several trojans and exploits.

These ads were not sanctioned by The Pirate Bay but were planted there by hackers who used an exploit in The Pirate Bay’s ad server to spread the files. The Pirate Bay ad server is running on OpenX, a popular ad serving platform based on phpAdsNew, which apparently has some unpatched vulnerabilities. Several other large sites that are using OpenX have reported similar problems recently.

The malicious ads found on The Pirate Bay in the last day were linking to external domains including cltomedia[dot]info where several trojans and exploits are hosted. As a result of the hack, Google, Firefox and various virus scanners listed The Pirate Bay as a malicious site, warning users who try to access it.

Frequent visitors to The Pirate Bay may recall that this is not the first time that the site has been flagged in this manner. Similar warnings have been issued several times before, and every time these were related to malicious ads. As it is the only part of the site where third parties have access to, this seems to be the most vulnerable element.

The Pirate Bay team informed TorrentFreak that they are currently working on resolving the problem. The vulnerabilities are expected to be fixed today and after a reinstall the world’s most popular torrent site should be working fine again. At the time of publishing, the warning by Google and others have already been lifted, but caution is advised.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

One of its victims, who got the trojan from downloading a torrent from The Pirate Bay, contacted TorrentFreak. He told us: “I didn’t follow the well established rules of downloading. It was a file with a low number of seeds, many leechers and no comments. I’ve downloaded the file and didn’t visit the torrent page again to view if there were any negative comments.”

It turned out that the trojan originated from a keygen supplied with a copy of pirated software. Instead of generating a key, it modified the hosts file of the computer so that it redirects The Pirate Bay, Suprbay (The Pirate Bay forums) and Mininova to 127.0.0.1, which means that the sites never load.

Aside from blocking the three sites in question, the trojan caused popups and even played a sound file saying that “downloading is wrong”. The bad torrent was removed from The Pirate Bay soon after users commented that the key generator didn’t work, but it is safe to assume that this is not the first and only attempt to spread a trojan like this one.

The question remains, who is behind this? While some might argue that the MPAA, RIAA or other anti-piracy advocates might be the source, we think it more likely that the attack originates from a relatively innocent prankster targeting pirates.

The good news is that it is fairly easy to fix, manually removing the entries from the hosts file solves the problem. “Overall a bad experience, but the computer is fine now,” the affected user told us. Advice and tips about the Windows Hosts file can be found here.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

German authorities weren’t too happy about the leak, which might be illegal according to a criminal law specialist, and went after the source. Earlier this week police searched the home of the Pirate Party spokesperson where they hoped to find more information. In addition to the home search, a server from another party member was seized. The server, however, was fully encrypted, so chances are low that it will uncover the whistleblower.

In a response, Andreas Popp, Chairman of the Bavarian Pirate Party said: “A brave person leaks documents to the Pirate Party, to inform the public about a procedure of the Bavarian Government, which is highly likely to violate the constitution. Now this persons is hunted like a criminal. Private rooms are raided, servers get seized.”

Pirate Parties around the world will continue to speak out against these, and other privacy threats. The trojan in question (German) was able to tap into Skype calls and intercept traffic to encrypted websites.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

Such ‘false positives’ often happen with other harmless applications – better safe than sorry- but since uTorrent doubled its user base in just 12 months and is installed on millions of computers, this problem affected a sizable number of people. It didn’t take long before the issue was reported to Avast, and after approximately 5 hours the problem was fixed.

Earlier this week it became clear that uTorrent’s WebUI (+ Azureus and TorrentFlux) were vulnerable to several exploits. Apparently the vulnerabilities in the webUI, allow outsiders to take over uTorrent and download random content onto one’s system.

uTorrent developer Greg Hazel told TorrentFreak that he is aware of the issue and working on a fix. For now, the BitTorrent client itself is perfectly safe and secure.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

First the MPAA’s DVD sniffing dogs, now a trojan that’s targeting P2P content. Although the creators of the trojan are unknown until now, my guess is that the MPAA will be quite delighted.

Graham Cluley of Sophos, the company that discovered the virus, commented:

“The Erazer Trojan is a vigilante worthy of a Charles Bronson movie, taking the law into its own hands. However, it’s perfectly possible for the Trojan to aim poorly and wipe out innocent files too”.

As far as I know BitTorrent is safe, for now.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.