{"id":324,"date":"2011-09-15T13:41:04","date_gmt":"2011-09-15T12:41:04","guid":{"rendered":"http:\/\/blogs.silicontechnix.com\/?p=324"},"modified":"2011-09-15T13:45:06","modified_gmt":"2011-09-15T12:45:06","slug":"utorrent-web-servers-compromised","status":"publish","type":"post","link":"https:\/\/blogs.silicontechnix.com\/?p=324","title":{"rendered":"uTorrent web servers compromised"},"content":{"rendered":"<p style=\"text-align: justify;\"><span id=\"intellitxt\" name=\"intellitxt\"><br \/>\n\t<\/span><\/p>\n<p style=\"text-align: justify;\"><span id=\"intellitxt\" name=\"intellitxt\">If you are a torrent lover like me then you need to read this.<br \/>\n\t<\/span><\/p>\n<p style=\"text-align: justify;\"><span id=\"intellitxt\" name=\"intellitxt\">Unfortunately, a day before yesterday <b>(13th September, 2011)<\/b> uTorrent&rsquo;s (tiny and very stable torrent client) web servers were compromised by a hacker. This happened at 4:20am PST, and uTorrent&rsquo;s web server team didn&rsquo;t take the hacked server offline until 6am PST. The problem is, the hacker replaced the uTorrent Windows client with a fake antivirus executable. So anyone who downloaded the client during that 1 hour 40 minute period was actually downloading malware unknowingly.<br \/>\n\t<\/span><\/p>\n<p style=\"text-align: justify;\"><span id=\"intellitxt\" name=\"intellitxt\">The malware in question is called Security Shield, and is a well-known rogue anti-spyware program. It will pop-up a professional looking app screen on your desktop that lists fake infections after doing a fake scan. It then offers to remove them if you pay for the full-version of the &ldquo;security suite.&rdquo;<\/span><\/p>\n<p style=\"text-align: justify;\">If you were unlucky enough to visit utorrent.com and download the Windows client during couple of days, then you&rsquo;ve probably already seen the Security Shield software pop-up and run on your machine. <font color=\"#FF0000\">You need to remove it asap check your PC with some good Antivirus<\/font> other wise read this <a href=\"http:\/\/www.bleepingcomputer.com\/virus-removal\/remove-security-shield\">page<\/a> [<a href=\"http:\/\/www.bleepingcomputer.com\/virus-removal\/remove-security-shield\">bleepingcomputers<\/a>]<\/p>\n<p style=\"text-align: justify;\">uTorrent has now apologized and managed to get their servers back online after removing the rogue files. If nothing else this should act as a reminder to everyone to ensure any files you download from the Internet are scanned with a reputable security scanner before being run, as clearly you can&rsquo;t trust legitimate sites all of the time.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>If you are a torrent lover like me then you need to read this. Unfortunately, a day before yesterday (13th September, 2011) uTorrent&rsquo;s (tiny and very stable torrent client) web servers were compromised by a hacker. This happened at 4:20am PST, and uTorrent&rsquo;s web server team didn&rsquo;t take the hacked server offline until 6am PST. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_s2mail":"yes","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[17,95],"tags":[153,154,151,152],"class_list":["post-324","post","type-post","status-publish","format-standard","hentry","category-security","category-system-administration","tag-fake-antivirus","tag-torrents","tag-utorrent","tag-virus"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p12j6H-5e","_links":{"self":[{"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=\/wp\/v2\/posts\/324","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=324"}],"version-history":[{"count":7,"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=\/wp\/v2\/posts\/324\/revisions"}],"predecessor-version":[{"id":331,"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=\/wp\/v2\/posts\/324\/revisions\/331"}],"wp:attachment":[{"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=324"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=324"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=324"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}