Torrent websites blocked? This ‘vigilante’ malware stops users from visiting piracy-linked sites

0
76

Torrent websites like The Pirate Bay have been at the centre of controversy many times and this time it has acquired a totally different hue.

As anyone connected with the digital medium knows, there are bad actors out there who use malware to infect computers, smartphones and tablets. The problem is getting more and more serious each day, with malicious actors working hard to take control of unsuspecting users’ devices.

Once the device is infected, the malware performs various tasks like stealing user data, login credentials, spying on users using the camera and microphone, redirecting users to dangerous sites, or infecting other users to create a network of bots. A very popular avenue of infecting user devices is through ‘pirated’ versions of popular software and tools that are available on the Internet from websites like The Pirate Bay.

Here’s what we know about the new vigilante malware that blocks access to popular Torrent websites.

Anti-piracy malware

In an unusual development, researchers at Sophos recently discovered a new form of malware – software that is designed to attack and damage a user’s computer or other gadgets – but one that surprisingly doesn’t perform any of the nefarious activities described earlier.

Instead, this new “anti-piracy” malware infects a user’s system and prevents the computer from accessing thousands of torrent sites, including the most popular website – The Pirate Bay.

How malware infects computers

In a blog post, Sophos lead researcher Andre Brandt states that the malware is one of the strangest cases he’s seen in a while, and states that the vigilante malware modifies the ‘Hosts’ file on the computer it is run on.

The ‘Hosts’ file is a small file used by operating systems like Microsoft Windows to control network connections on the system, and the malware uses this file to “block” the system from connecting to several domains associated with piracy-related websites.

How it works

The Internet works through IP addresses, but domain names for websites help users quickly connect to them without remembering the IP address for each website. When the malware infects a computer, it directs the system to a “dead” IP address, instead of loading the actual IP address of the website. This means that the connection is effectively blocked, and the user will not be able to access the piracy-connected website.

How to clean up your PC

According to Sophos, reverting your Hosts file once it has been infected is actually quite easy, and the malware does not reinfect the system unless you run it again.

“Users who have inadvertently run one of these files can clean up their HOSTS file manually, by running a copy of Notepad elevated (Run as administrator), and modifying the file at c:WindowsSystem32Driversetchosts to remove all the lines that begin with ‘127.0.0.1’ and reference the various ThePirateBay (and other) sites,” the company explains. – Hindustan Times, New Delhi/Tribune News Service



Source link