Ever wondered exactly how people who enjoy putting malicious files into the wide blue yonder ensure their bundles of joy are as attractive as possible to those who would happily download them?
Well, I came across this program today and thought it was worth looking into. It dips into what's hot and current in the world of free downloads then uses that to ensnare as many potential victims as possible.
How do they do it?

The above program helps, for starters. Fire it up and you see this:

As you can see, there are a number of "Top 100" options for music, videos and software, plus a download button. What are we downloading, and from where? The answer to the first question is quickly revealed when you see a number of text files deposited in one of the application folders:

Open up the "Musik" file, and you're presented with a long list of rather current albums:

A quick check of network traffic and the source of the lists is clear:

Compare the list of albums above with the below screenshot of the Top Album Torrents on The Pirate Bay, organised by number of Seeders:
Popular Pirate Bay Downloads, originally uploaded by Paperghost.
In a simple (yet rather clever) move, the program organises the various types of file according to which have the largest number of seeders on The Pirate Bay, then rips the name of each file (be it music, video or something else altogether) and arranges them in lists on your PC. From there, it is child's play to apply the names of the files to your infections (it also allows you to change file sizes, icons and remove version data to make your infection look more like the real thing) then offer them as downloads on forums, free file hosting and anywhere else the attacker can think of.
By using this tool, someone with a penchant for rogue file distribution is always going to have an easy-to-use list of the freebies most in demand by the downloaders, and (unfortunately for us) it all makes pimping their infections that little bit easier.
Talk about harnessing people power...
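From the defender's side, the renaming described above leaves a checkable mismatch: a file carrying a popular album or video title whose content is a Windows executable. The Python sketch below is an added example, not part of the original post or the tool it describes; the title list, extension sets, sample bytes and function names are all constructed assumptions.

```python
import re
import struct

# Constructed sample titles standing in for a "most seeded" list (assumption).
POPULAR_TITLES = ["Example Artist - Greatest Hits", "Sample Movie 2009 DVDRip"]
MEDIA_EXTS = {"mp3", "flac", "avi", "mkv", "mp4", "wmv", "zip", "rar"}  # media/archive
EXEC_EXTS = {"exe", "scr", "com", "pif"}

def normalize(name):
    """Lowercase a title or file name and reduce it to alphanumeric tokens."""
    return set(re.findall(r"[a-z0-9]+", name.lower()))

def is_pe(data):
    """True if data starts with an MZ stub whose e_lfanew points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"

def lure_reasons(filename, data, titles=POPULAR_TITLES):
    """Return the reasons a download looks like a media-named executable."""
    parts = filename.lower().split(".")
    ext = parts[-1] if len(parts) > 1 else ""
    prev = parts[-2] if len(parts) > 2 else ""
    tokens = normalize(filename) - MEDIA_EXTS - EXEC_EXTS
    pe = is_pe(data)
    executable = pe or ext in EXEC_EXTS
    # A popular title only matters when the file can actually execute.
    reasons = ["popular title on executable: " + t for t in titles
               if executable and normalize(t) and normalize(t) <= tokens]
    # Content says PE, name says media: the extension is lying.
    if pe and ext in MEDIA_EXTS:
        reasons.append("PE content behind media extension ." + ext)
    # "album.mp3.exe" relies on hidden known extensions to pass as media.
    if ext in EXEC_EXTS and prev in MEDIA_EXTS:
        reasons.append("double extension ." + prev + "." + ext)
    return reasons

def make_pe_stub():
    """Constructed minimal header: MZ, e_lfanew=0x40, then the PE signature."""
    return b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"PE\x00\x00"

if __name__ == "__main__":
    for name in ("Example Artist - Greatest Hits.mp3.exe",
                 "Sample.Movie.2009.DVDRip.avi", "setup.exe"):
        print(name, "->", lure_reasons(name, make_pe_stub()))
```

Because the check reads the file header rather than the name, icon or size, the cosmetic changes the tool offers do not affect the content test.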










