Are you regularly visiting torrent websites and downloading content (movies, cracked software, games, music, etc.) from them?
You should be aware (and probably you are) that torrents can be quite harmful, especially if your system is not protected against cyberattacks. It is one thing that torrenting is considered illegal in most countries, and another thing that torrents are often used by malware authors to spread infections.
In the second case, you can be dealing with something we generally call “torrent virus” – the generic name of a threat that summarizes all malware related to downloading torrents. The malware that you download with the desired torrent can be anything – from a PUP (potentially unwanted program) and adware, to spyware, Trojans and ransomware.
In this article, we will provide you with several simple steps to follow to make sure that a torrent is safe to download. We will also introduce you to several cases of torrent infections that took place in recent months.
Torrent Virus – How to Recognize a Malicious Torrent
Here are the steps you need to take to make sure a torrent is safe to download.
1. Check seeders and leechers
The signs of a healthy torrent include the number of seeders and leechers, but this is not always the best tell-tale sign. As mentioned above, even malicious torrents can appear to have a good reputation.
So, what other signs are there? One thing you can do is only download from torrent websites that are verified. These websites have strict administrators who check the torrents before they upload them for users. Some torrent websites even have “verified uploaders” which means that the torrent is most likely safe to download.
But that’s the thing with torrents – you can never be 100% sure!
2. Check the type of file
Almost all video torrents come as MKV, MP4, and AVI files. This is mostly because these file formats are relatively small but can offer good quality. So, if your intended download is in MKV, MP4, or AVI file format, you are good to go.
On the other hand, if the file is WMA or WMV, this is a certain sign that the torrent is fake, and most likely malicious. These video formats are outdated and it is possible that you will be asked to download codecs to play them. Torrent websites full of WMA and WMV files are generally considered unsafe and can infect you with adware, malware, ransomware, and even cryptominers.
Other file formats to be careful with when planning to download movies from torrent sites are RAR and ZIP files. They can be dangerous because malware can be hidden inside them, which can be activated when you extract all files from the archive. This rule mostly applies to movies because movie files are already compressed, meaning that they don’t need further compression.
Software, however, can be compressed, and that is why it is a good idea to scan the archive before doing anything else with it.
3. Check if your music or movie is an EXE file
Executable files shortly known as EXE files can be exploited by malware, and in fact they often are. Malicious torrents can use EXE files to hide their code. You should be very careful around EXE files when you are downloading movies and music. These types of torrents don’t need executable files and if a movie torrent comes as an .exe file, it is most likely malicious.
4. Check comments under torrents
This may seem like a rather trivial advice but users always share in the comment section if they find something irregular with the torrent.
5. Watch out for suspicious browser redirects and new tabs
Intensive browser redirects are a clear indication of a rogue torrent site. You should be especially careful if you have no ad-blocking protection enabled. You may witness intensive redirects and pop-up windows while you are attempting to download the desired torrent. If this happens to you, it is better to walk away from that torrent site. It certainly is full of malicious content.
Torrent Virus – Torrents Bundled with Malware
In this section of the article, you will find information about recent cases of torrent infections.
A recent research conducted by Cybaze-Yoroi Z-Lab researchers focused on the risks stemming from the BitTorrent protocol to download movies, games or pirated software. The researchers were able to analyze a large number of torrents only to discover that a huge percentage of them were bundled with malware or adware. Of course, this exposed users to the real risk of various infections.
More specifically, the researchers focused on torrents in 3 categories – movies, games, and software. In each category they searched for highly anticipated and popular torrents, such as The Avengers 4, Fortnite, and Adobe Photoshop Lightroom. What the experts discovered is that most of the torrents contained malware, and unfortunately, most malicious torrents had good reputation in terms of seeders.
So, here we come to the first conclusion: even torrents with good reputation can be infected and should not be trusted.
Another recent case that perfectly depicted the risks of infected torrents is the release of the last season of the Game of Thrones tv series. The analysis conducted by Kaspersky Lab also revealed several other shows that are most pirated and hence, dangerous.
The researchers identified a total of 126,340 cases of malware masqueraded as episodes associated with these shows. Not surprisingly, Game of Thrones turned out to be the worst.
The information from Kaspersky’s report indicates that Game of Thrones, The Walking Dead and Arrow turn out to be the worst shows in terms of malware infestations. The threat of fake and trojanized Game of Thrones episodes is quite real, as such episodes accounted for nearly one-fifth of all cases, or 17 percent.
More specifically, the first and last episodes of each Game of Thrones season are the most dangerous, as cybercrooks are exploiting the hype. A great example is the much anticipated season 8 of Game of Thrones which caused malicious issues to a great number of users who relied on pirated copies.
Of course, downloading copyrighted content is illegal in its own terms. And users who are doing it are breaking the law. Cybercriminals are just exploiting this fact and are planting malware in fake torrents. Knowing how big and loved a show like Game of Thrones is gives hackers a great opportunity and countless victims to target. Infecting users through torrents is quite easy as no one really bothers to check the extensions of the downloaded files where malware usually lurks.
Downloading copyrighted movies and television shows is often followed by malware infestations. According to a report by RiskIQ for 2015, users are 28 times more likely to infect their machines with malware from torrent sites (a.k.a. torrent virus) than they are from visiting legitimate and licensed content providers.
Torrent Virus – How to Stay Protected
Finally, what steps should you take to protect yourself from malware associated with torrents? What to do to ensure your privacy?
Did you know that in February, 2019 there were multiple complaints from users of torrent sites because their downloaded files contained the GandCrab ransomware as well as other malware? Files shared by CracksNow, a popular uploader of software cracks and keygens, were infected. Torrent sites The Pirate Bay, TorrentGalaxy, and 1337x banned the account of CracksNow. Of course, these cases are not surprising at all since torrents are one of the most popular ways to get infected by malicious software.
Torrent site moderators have to review a number of reported torrents on a daily basis, and malware is often found in them. An admin of the 1337x website has shared with TorrentFreak that “they have a system in place to ensure that things don’t get out of hand. This includes an approval process for uploaders. As it can be expected, the system isn’t flawless. It is a daily battle to sort the scumbags from the legit uploaders and staff work very hard but it’s not foolproof. What I will say is staff are very quick to adapt to all the new ways people try to beat our systems“,” the admin said.
The same admin also said it was rather rare for a trusted uploader like CrackNow to “go rogue”. But, obviously, this still can happen. This is yet another example that illustrates how important it is to have a proper protection.
1. VPN. One thing that is often recommended for torrent users is the employment of a VPN service. We highly advise you to check out our article dedicated to the most secure VPN services. Of course, the use of VPN service will help you stay anonymous and won’t shield you against malware.
2. Anti-malware. That is why another must-have protection against the so-called torrent virus is an anti-malware program. If you are an active downloader of torrent files, you should consider scanning your system for deeply hidden malware.
Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter