All articles licensed under a Creative Commons License.

Tuesday, December 20, 2005

BitTorrent Reloaded: Unauthorised installs lead to pirated movie files on victims' PCs

Yep, the title is a mouthful but you heard it correctly: those crazy guys behind the Middle-East connected Rootkit-powered Botnet (phew! mouthful alert) experimented with something I haven't seen before, and we have the details over at Spywareguide.com.

In short - along with the second wave of installs that prompted FaceTime to go public with their findings (that would be my guys), the group behind all this auto-installed a version of BitTorrent onto the PCs already infected with the Lockx.exe Rootkit - crazy enough, yes? But then they went one further and started pumping movie files down the pipes, onto a sizeable chunk of those infected machines. You can, of course, see some of the BitTorrent files placed onto the PC in the lovely picture.

Why? Not sure. Some kind of proof-of-concept test-run? Highly likely. Especially as they cut it short, and went back to goofing around with more rootkits. Thing is, I've heard rumours (on the Internets) that some other hacking groups have picked this technique up, and will be running with it shortly.

Better to prepare the troops, right?

Bad enough these creeps are whacking PCs left, right and centre with Rootkits. Even worse that it looks like they're messing with BitTorrent and pumping movies all over the place. There's so many issues with that, I don't know where to start. What would the RIAA angle be on it? Or the other "kill the pirate" type groups? Would they crash down on anybody unfortunate enough to have ended up with this on board, their only "crime" to be whacked by a creepy Rootkit via IM?

Well, seeing as stories are currently flying about regarding people being sued for file-sharing (with no PC!), and Pearworks being rugby-tackled for providing a lyrics search facility, it's quite probable.

Now, last time I covered BitTorrent, everything went nuts and lots of people thought I had some kind of crazy "anti-filesharing" thing going on - because we all love BitTorrent forums being splattered with large Adware bundles, right? Dvorak - whoops. When the great "Avalanche" invasion begins, I'll let you know.

Doh.

The sad thing this time round is, I'm not even that surprised by this latest development - when you think about it, it's quite a shocker - but as this "top ten" list of spyware installs graphically illustrates, there's not a lot left to slap us upside the head anymore.

As an example of the kinds of crazy things people are now trying out, using infected PCs as guinea-pigs for whackjob experiments with BitTorrent, it deserves a mention at the very least.

This time round, we can be thankful it was just copies of Mr Bean(!) and Disney cartoons(!!). How about next time? If they're really malicious, they could pipe a user pretty much anything they feel like.

Illegal porn for the win? Quite possibly. Or how about some of those lovely spyware infected media files that were dug up not so long ago?

See where this one could go? The more you think about it, the nastier it gets.

And as we have seen with these guys (who are currently under investigation from the FBI and other Federal Authorities) - they don't get bored and go home. Hacking groups in the East are experiencing something of a Digital Renaissance at present - they're talented, they have the cash to fund their little games, and they're out to prove a point.

The whole Rootkit-powered Botnet thing that FaceTime cracked was amazing for its depth of attack and the sheer cheek of what they were up to - but this takes things to a whole new level.

2006 - bound to be a vintage year. And I ain't talking about the wine...

Update - Over 1,000 "Diggs" on Digg.com, and an Eweek writeup. I'd like to apologise for the hundreds of websites now putting pictures of Mr Bean all over the place. Especially the one where he has the turkey on his head. Mr Bean does indeed ride again...

All Content © Vitalsecurity.org 2006. The content of this site is entirely the opinion of Paperghost, and is in no way endorsed by FaceTime Communications. In other words - have a problem, come see me.