Spyware, adware hide in BitTorrent downloads
By Joris Evers, CNET News.com
Published on ZDNet News: June 16, 2005, 7:12 PM PT
BitTorrent users, beware: Your download may include adware and spyware.
Purveyors of the applications that produce pop-up ads on PC screens and track browsing habits have discovered BitTorrent as a new distribution channel. According to observers of the trend, videos and music that hide adware and spyware are increasingly being offered for download on various BitTorrent Web sites.
BitTorrent has grown into one of the most widely used means of downloading files such as movies or software. Unlike peer-to-peer networks such as Kazaa, eDonkey and the original Napster, no central search technology exists for BitTorrent. Instead, links to specific files are posted on Web sites.
While applications such as Kazaa have long been associated with adware and spyware, BitTorrent has not. Until now, that is. Chris Boyd, a security researcher who runs the Vital Security Web site, said he found adware and spyware hiding in BitTorrent files.
In one case, an episode of the Fox TV show “Family Guy” was bundled with several pieces of known adware, according to Boyd. “Under that kind of load, a midrange PC can easily go under,” Boyd said. Both spyware and adware are known to hurt PC performance because they use PC resources to run.
In other examples, music files and porn videos came bundled with adware or spyware, Boyd said in an e-mail interview. He suspects that online marketers have launched campaigns to get their software installed on more desktops using BitTorrent.
“This is one of the most egregious spyware infestations that we have seen,” said Alex Eckelberry, president of Sunbelt Software, a maker of anti-spyware software. “It is a major concern. It is going to riddle your system with pop-ups, slow your system down and potentially cause system instability.”
The downloaded files typically were self-extracting archives that would also install the unwanted software, Boyd said. In most cases, users would be presented with a dialog box advising that the extra software was about to be installed and given the impression that the install was needed to get access to the desired content, he said.
However, Boyd found, it was possible to get access to the entertainment the user wanted without installing the adware or spyware. Simply declining the adware and spyware license a couple of times gives access to the content, he said.
On his Web site, Boyd listed a Canadian company as one of the businesses that send out adware and spyware on BitTorrent. That company’s Web site appeared to have been hacked Thursday, with the front page replaced with a picture and a profane message stating that the company should leave BitTorrent alone.
As of late Thursday afternoon, BitTorrent creator Bram Cohen had not replied to an e-mail seeking comment on the issue.