BitTorrent and Malware – Is Speed Worth the Risk?

Let’s say you have a hankering to see the new Deadpool flick. It’s cold and rainy and you’re just feeling lazy. Your options are pretty straightforward – you can either get up off your backside and pay for movie tickets at your local theater. Or sticking with the lazy option, just wait to pay for it on Netflix in a few months.

But let’s imagine you are less than scrupulous – in that case there is another, not uncommon option, albeit one that is totally illegal – That of using BitTorrent to download a bootlegged copy. BitTorrent, which in and of itself isn’t actually illegal, is a file sharing protocol – in other words, it’s a super-fast way to share files with anyone else who is also connected to the BitTorrent client. It distributes large files by using a bit of bandwidth from each connected user, which allows files to transfer very fast.

Ahoy Matey – Thare be Bit Torrent!

The idea of BitTorrent is often linked to piracy. As we mentioned above, because BitTorrent allows users to share huge files quickly, it’s become the portal through which bootlegged copies of movies and music flow. Just some of the numerous legal issues involved include copyright infringement and stealing.

Think it’s not such a big issue and that at the end of the day one pirated copy doesn’t hurt anyone?

Think again.

In the last few years, 20% of all software installations were pirated, costing the software industry 9.5 billion dollars and an insane 95 % of all music downloads in were pirated copies. Piracy ends up hurting everyone from developers, writers, salespeople and engineers to songwriters, singers and actors – pretty much every single entity that goes into creating, producing, marketing, advertising and distributing any sort of creative work loses out because of digital piracy.

BitTorrent isn’t entirely evil

On the other hand, BitTorrent can have perfectly legal uses. Educational institutions like Florida State University use BitTorrent to transfer files with large amounts of scientific data to students and governments use it when they want to make large sets of data publically viewable to save on bandwidth costs. So you don’t need to assume that your friend who uses BitTorrent is actually committing a punishable crime – perhaps he is just analyzing impossibly huge sets of data.

The other BitTorrent problem

Regardless of whether you use it for evil or for awesome, there is an inherent problem with BitTorrent, and really all peer-to-peer file sharing networks. When a user is connected to a peer-to-peer file sharing network, they are exposed to a huge number of IP addresses which may or may not be trustworthy. And according to security firm BitSight Technologies, 43% of all torrented applications harbor malware. They also noted that there was a high level of correlation between peer-to-peer users and botnet infections. As we have mentioned elsewhere on this blog, a botnet is a group of computers that has been infected with malware and is being controlled for malicious purposes by the malware creators, without the knowledge of the owner. So if you use BitTorrent or another peer-to-peer network, your chances of getting a botnet infection almost double.

According to BitSight founder and CTO Stephen Boyer, “File sharing activity can serve as one of many key risk indicators” when it comes to your security habits. According to a study by the University of Vienna, their research indicated that the majority of file sharing download links contained malware. And according to noted security writer Brian Krebs “downloading pirated software and software cracks is among the fastest and likeliest ways to infect your computer with something that ultimately hands control of your PC to someone else…It is almost never safe to download executable programs from peer-to-peer file sharing networks because they are a major source of malware infections.”

Experts do tend to agree, though, that planting malware inside video and audio files is much more difficult to pull off than putting it in applications. To get around this, malware creators try to get would-be-victims to download additional files, aside from the movie or game they are looking for, that contain executables harboring malware. The bad guys are well aware of the fact that when someone wants something, caution pretty much flies out the window – As we have seen time and time again, people are willing to do patently dumb things to get what they want . According to SilverSky research analyst Grace Zeng, “Usually people become less alert when it comes to something they are eager to watch or play for free”

Bang! You’re dead.

So if you decide that you must use Bit Torrent or any other peer-to-peer network, resolve to keep it legal, turn your thinking cap on and stay on guard. Running your anti-virus and anti-malware like RCS will also help keep you safe from lurking malware. But perhaps your best defense is learning some skills in patience. According to security expert Beth Jones . “As popular as some of these things are,” she said, “sometimes it’s worth waiting instead of playing Russian roulette.”

Leave a Reply