Torrenting has always been a risky business since the files you download are shared throughout a peer network which means any file can be compromised. The only way to tell if a torrent is infected with torrent malware is through scanning comments, evaluating the file size, and the peer provider reputation. As if it wasn’t bad enough already, now security researchers from InfoArmor have revealed that RAUM is being used to spread malware throughout torrent files.
RAUM is a tool used by Eastern European organized cybercrime group Black Team to spread malware. The hackers are motivated by financial gain with infected torrent files operating through programs which return them money.
Security group InfoArmor reports that they “have identified in excess of 1,639,000 records collected in the past few months from the infected victims with various credentials to online services, gaming, local media, corporate resources and exfiltrated data from the uncovered network.”
These infected files are distributed through popular torrent seeds that have been taken over. The hackers looked “for compromised accounts of other users on these online communities that were extracted from botnet logs in order to use them for new seeds on behalf of the affected victims without their knowledge, thus increasing the reputation of the uploaded files,” reports InfoArmor.
Some of these infected files have been operating for months, even if torrent websites are working towards deleting dangerous files for now. The scary part is that “all of the created malicious seeds were monitored by cyber criminals in order to prevent early detection by [anti-virus software] and had different statuses such as ‘closed,’ ‘alive,’ and ‘detected by antivirus.’ Some of the identified elements of their infrastructure were hosted in the TOR network,” InfoArmor explains.
In order to protect yourself online torrent malware, you always need to handle files with extreme care. While antivirus software and VPN software can help, you should hardly ever download and install pirated software that can contain malicious files. That means games and all applications. Even innocent looking files like TurboTax have been called into question and verified as malware.
Even if it’s a top trusted file on ThePirateBay with tons of seeders and leechers, you can’t be sure it’s safe. I know for a fact that a Witcher 3 [GOG] torrent on PirateBay existed as a top downloaded file that was loaded with viruses.
While being super paranoid can be helpful to prevent torrent malware, you still need to protect your IP while torrenting when downloading things like media files, you need to use a good VPN to stave off the copyright trolls. I would recommend TorGuard VPN or GhostVPN since they are our top rated VPN providers. IF you don’t have a good antivirus program, I’d recommend checking out some of these antivirus reviews.