ExtraTorrent.cc - The Largest Bittorent SystemLogin   |   Register
Latest Articles
Most searched
Hot torrents
First Cams
View Torrent Info: Max Steel 2016 HC HDCAM UnKnOwN
View Torrent Info: Allied 2016 HDCAM x264 AC3 HQMic-CPG
View Torrent Info: Underworld Blood Wars 2016 HDCAM NAKRO
View Torrent Info: Moana 2016 HD-TS XviD AC3-CPG
Hot torrents
View Torrent Info: The Fight Within.2016.HDRip.XviD.AC3-EVO
View Torrent Info: Spectral.2016.HDRip.XviD.AC3-EVO
View Torrent Info: The.Disappointments.Room.2016.DVDRip.XviD.AC3-EVO
View Torrent Info: All.We.Had.2016.HDRip.XviD.AC3-EVO
Hot torrents
H264 X264
View Torrent Info: Air.America.1990.720p.BRRip.x264.AAC-ETRG
View Torrent Info: Southside.With.You.2016.1080p.BluRay.x264.AAC-ETRG
View Torrent Info: Spectral.2016.720p.WEBRip.x264.AAC-ETRG
View Torrent Info: Finding.Dory.2016.BluRay.720p.DTS.AC3.x264-ETRG
Hot torrents
View Torrent Info: The.Exorcist.S01E09.WEB-DL.x264-FUM[ettv]
View Torrent Info: Van.Helsing.S01E13.WEB-DL.x264-FUM[ettv]
View Torrent Info: The.Vampire.Diaries.S08E07.HDTV.x264-LOL[ettv]
View Torrent Info: Gold.Rush.S07E09.Record.Gold.PROPER.HDTV.x264-W4F[ettv]
View Torrent Info: Pink (2016) HQ 1080p Blu-Ray x264 DTSHD-MA 5.1 ESub -DDR
View Torrent Info: BEFIKRE (2016) ~2CD Desi PDvD Rip x264 AAC 2.0 (De-Flickered) -DDR
View Torrent Info: Bidyesh - The Envy (2016) x264 DvDRip AC3 5.1 ESub -DDR
View Torrent Info: Housefull 3 (2016) HQ 1080p Blu-Ray x264 DTSHD-MA 7.1 MSubs -DDR
To add new messages please Login or Register for FREE
Warning! Use a VPN When Downloading Torrents!
Your IP Address is   Location is United States
Your Internet Provider and Government can track your torrent activity!  Hide your IP ADDRESS with a VPN!
ExtraTorrent strongly recommends using Trust.Zone VPN to anonymize your torrenting. It's FREE!

ExtraTorrent.cc > Articles > Attention: New P2P Worm Renames Itself into the Most Popular Software

Attention: New P2P Worm Renames Itself into the Most Popular Software

Attention: New P2P Worm Renames Itself into the Most Popular Software

Added: Saturday, May 15th, 2010
Category: Recent Headlines Involving File Sharing > Current Events
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, 2010, www.extrattorrent.com
The kicker of the worm: it copies itself into peer-to-peer shared folders renaming itself into any file from The Pirate Bay’s top 100 games and software, published on the BitTorrent tracker website.

The TrendLabs’ security researchers have noticed a new worm getting spread via peer-to-peer programs right like the threat which displays false copyright infringing warnings. The difference of this worm from most known ones (which usually use the hard-coded file names trying to trick people by pretending to be a useful staff like actual software, cracks or key generators) is that this Worm_pipupi.K renames itself regularly, using for this the names of the files listed among the top 100 software and games titles on the Swedish Pirate Bay BitTorrent tracker website.

Why didn’t it choose the usual way? The problem is that when the malware uses the hard-coded method, it becomes obsolete when the software which name it wears becomes antiquated. Our Worm_pipupi.K passes this over by using the names of fresh released software. It does it by visiting The Pirate Bay website every time it executes in order to change the name into the new one. As such, the sly worm will never find itself unpopular among the users! After that it leaves the copies of itself at the peer-to-peer shared folders under the names of the top 100 games and software files. The malware uses the names from top 100 software and 100 games, loaded from the following links:


This way it can later drop up to 200 copies of itself into the network with every execution, and provided that it weighs 254,604 bytes each, the malware can occupy a significant part of your hard drive over time.

The malware is reported to be spread over most used P2P applications like the eMule, Kazaa, Ares, BitComet, FrostWire, Bearshare, Limewire, Shareaza, Lphant peer-to-peer networks, and also through removable drives.

What is worse, the copies of the worm’s source code are also reported to have been found easily available in some underground forums. This means that any malicious programmer will be able to add some other payloads to the malware, like backdoor capabilities or downloading routines, which won’t be very good at all.

May 15th, 2010

Posted by: 

Date:  Saturday, May 15th, 2010

Comments (24) (please add your comment »)

posted by (2010-05-15 15:39:22)
conmac863 avatarThanks for the info SaM.
Tricky little bastards.....

posted by Site Friend (2010-05-15 16:09:25)
magiccrack avatarwow! thanx for the super article, thanx SaM

all types of malware is bad-crack but this worm changes name so it's difficult to see, as stated above.

thanx SaM nice post.

posted by (2010-05-15 16:56:09)
Aestrada avatarThanks for the Info.

posted by (2010-05-15 16:56:20)
MRclassictorrent avatarThanks sam for the info, hope the people find something to stop this thing. As always I'll keep my files up to date.

posted by (2010-05-15 17:07:22)
BHM avatarthanks sam nice share of info..

posted by Site Friend (2010-05-15 17:42:23)
karakurachow avatarThanks man

posted by (2010-05-15 19:50:57)
terrillcase30655 avatarheh i'll just stick to downloading movies

posted by Site Friend (2010-05-15 21:29:06)
karakurachow avatarlol good thinkin abt to d/l only the movies

posted by Site FriendET junkieET loverSupermanSun (2010-05-15 21:30:14)
texasguy avatarthanks sam for the read also is there anything to fight it with

posted by ET lover (2010-05-15 21:57:35)
gypsywarrior avataryour articles rule sam.i've learned loads from em.sadly its nearly always bad news but its all appreciated.when will they learn that they'll hurt themselves just as badly in the long run?

posted by (2010-05-15 22:30:13)
batkid avatarI hope that whoever invented this gets worms. Mongolian death worms. And that they eat him from the inside out until he's nothing more than a pulpy mess.

posted by Trusted UploaderSite FriendET loverKittyGirl (2010-05-15 22:59:29)
wallpapersxplore avatarTHANKS SAM
for this wonderful article

posted by (2010-05-15 23:44:54)
user213 avatarthanks for the head up Sam! Very useful information!

posted by Xbox (2010-05-16 03:16:24)
kayo1212 avatarwhats some preventative measures to not get this... can it be extracted thru torrents??? or just direct downloads???

posted by (2010-05-16 06:10:25)
dance4283 avatarthank you for the info. Any suggestions for a good anti-malware program?

posted by SupermanTrue Love (2010-05-16 06:47:15)
pizstol avatarmalwarebytes anti-malware is a good one

posted by SuperAdmin (2010-05-16 09:48:59)
ozi avatari think it's bs as it sounds like a publicly stunt so TrendLabs can sell more software just like
PrevX did a year back but when it was found that PrevX was dumping rootkits and malware on peoples pc's on purpose to spy that's just my opinion don't hold me to that

posted by Site FriendET junkieET loverSupermanSun (2010-05-16 12:53:17)
johnnysnake avatarthe early bird gets the worm..i like worms..i'm canadian and i love fishing..joking,
thanks Sam..good info

posted by Blocked (2010-05-16 21:20:32)
menahunie avatarThis "NEW" worm isn't really a new worm.
Just another variant of what is out there in the wild.
If you kept you sfotware upto date - YOU DID?
Then you shouldn't worry that much.
I scan ALL FILES with different malware detectors and even if they all declare file is clean - well you make the choice in the end.
I also don't use malware detection software that uses name tables - old and also stupid if the company hasn't put out updates fast enough LIKE ALMOST EVERY DAY; then you could get infected.
What is really needed is some "white Hats" people to deconstruction this crap and find the makers signature then go after these people ourselves... YA know a little cyber justice...
I have had script KIDDES from a very well known ISP using three letters try to crack my system; yet they ALWAYS leave themselves open for payback.
So remember whne you act stupid and wonder why you partition is gone heheheh.
Malware detectors don't consider a simple bat file a threat when all it does is on reboot kill your partition using microcrap commands... Of course this is just a fantasy RIGHT?
The real problem is government sponsored malware and one really big threat is CHINA, North Korea,and others..

posted by Blocked (2010-05-16 23:05:13)
phoenixcrash avatar@ menahunie: China? North Korea? Who taught those bitches to use a computer in the first place?

posted by Site FriendSuperman (2010-05-17 01:43:13)
Sinisterj12 avatarYes malewarebytes is probably the best i've seen around in a while. I take care of over 300 grocery stores servers and when they get virus's its usually Malwarbytes that cleans them up. If that doesn't do it we use Combo fix.. bad thing with combo fix is... it takes the virus.. and anything attached to it.. no matter how important the system file.. sometimes its ok.. but alot of the time its not. Good article.

posted by Blocked (2010-05-17 05:54:55)
menahunie avatar@ phoenixcrash

WE did; they went to our universities and schools...

posted by Site Friend (2010-05-19 11:57:28)
manofkent avatarmalwarebytes is the best ive used

posted by (2010-05-19 17:09:45)
BooHoo avatarGreat article. I'm sure everyone would agree we need more of these @ ET
Wonderfull job SaM
Big support to menahunie
no one will help us if we don't help ourselves
sorry to note that I don't have WH skillz, but I atleast try not to be a carier of that crap along the way, multiple scans & fingers crossed
when it comes to prc and dprk, yeah, but there is a lot of scum everywhere, including big Co's racketeering us with their anti-stuff
Just hope that some day (better sooner than later) there will be a group of guys willing to hunt those sorry mf's down and cause them a proper damage they deserve
hope to see that day coming...
best 2 ya all! as they say - ET the place to be... :)

Articles Search
Most Popular Stories
Articles Categories
Articles Tags

Home - Browse Torrents - Upload Torrent - Stat - Forum - FAQ - Login
ExtraTorrent.cc is in compliance with copyrights
BitCoin: 12DiyqsWhENahDzdhdYsRrCw8FPQVcCkcm
Can't load ExtraTorrent? Try our official mirrors: etmirror.com - etproxy.com - extratorrentonline.com - extratorrentlive.com
2006-2016 ExtraTorrent.cc3