Malware Extorts Cash from Bittorrent Users | Torrentfreak
Total Page:16
File Type:pdf, Size:1020Kb
Malware Extorts Cash From BitTorrent Users | TorrentFreak http://torrentfreak.com/malware-extort-cash-from-bittorrent-use... TorrentFreak Home Contact About Archives Forum Malware Extorts Cash From BitTorrent Users Written by enigmax on April 11, 2010 A new type of malware is riding the wave of file-sharing pre-settlement letters by infecting BitTorrent users’ machines and then demanding payments in order to make imaginary lawsuits go away. ICPP Foundation try to give the impression they are RIAA and MPAA affiliated but the whole thing is a scam to extort cash and obtain credit card details. ICCP Foundation claims to be an international company operating out of Switzerland. They say they are “committed to promoting the cultural and economic benefits of copyright” while assisting their partners to fight “copyright theft around the world”. In fact what they really do is operate a scam to extort money from BitTorrent users. Right at this moment we are unsure of the exact route of infection, but somehow malware (probably in either fake file or attached virus form) is displaying a “copyright violation alert” on the victim’s screen, locking it, and redirecting users to the ICPP site where they are told they have been caught infringing copyright. There they are warned their offenses could result in 5 years in prison and a $250,000 fine and are given the option to take the (fake) case to court. They are also offered a chance to make the whole thing go away for the payment of a ‘fine’ of around $400. Victims are also prompted to give their name, address and full credit card details – it is unclear how this information is further abused but it doesn’t look good. 1 of 17 4/12/10 9:27 AM Malware Extorts Cash From BitTorrent Users | TorrentFreak http://torrentfreak.com/malware-extort-cash-from-bittorrent-use... If they select the court option, they are scared with this screen: So that that this evil software (believed to be located at C:\Documents and Settings\Administrator\Application Data\IQManager\iqmanager.exe) more accurately targets BitTorrent users rather than just random users, it appears to scan the user’s hard drive for .torrent files and displays these as ‘evidence’ of an earlier infringement. In order to boost their credibility, icpp-online.com claim to be affiliated with influential partners – the RIAA, MPAA, and The Copyright Alliance. Of course, this is a complete fabrication. This whole approach seems very similar to that employed by so-called ‘rogue software‘ or ’scareware’ which attempt to frighten users into parting with cash for often useless software. And it seems the links to malware don’t stop there. A WHOIS on the ICPP-Online domain reveals some contact data which shows up elsewhere in connection to other questionable activities. Details on this new threat are scarce at the moment, so if any readers can discover more about this malware or the operation behind it, please collate the information and send it over to [email protected]. Saved in: DRM and Other Evil Tags: ICPP-Online, IQManager Previously: Bad Publicity Forces Lawyers Out of Anti File-Sharing Cases Next: Top 10 Most Pirated Movies on BitTorrent 28 diggs 71 tweets retweet Related Posts: No Related Posts 101 Responses (Add yours or TrackBack) 1 Apr 11, 2010 at 22:22 by Zachary D. It is honestly too bad that people can actually fall for these without first performing research– but it does work. People who extort natural human thinking patterns through social engineering for purposes such as this deserve whats coming to them in my opinion. -Zachary 2 Apr 11, 2010 at 22:24 by Anonymous Wait till you see web browser pop-ups that do the same thing in a few months. Then it will get bad. 3 Apr 11, 2010 at 22:24 by layerbakes eradicate it with anti-scareware!! 2 of 17 4/12/10 9:27 AM.