The Infection File Popularity Contest

Ever wondered exactly how people who enjoy putting malicious files into the wide blue yonder ensure their bundles of joy are as attractive as possible to those who would happily download them?

Well, I came across this program today and thought it was worth looking into. It dips into what's hot and current in the world of free downloads then uses that to ensnare as many potential victims as possible.

How do they do it?

[Image: iwrz01.png]

The above program helps, for starters. Fire it up and you see this:

[Image: iwrz02.png]

As you can see, there are a number of "Top 100" options for music, videos and software, plus a download button. What are we downloading, and from where? The answer to the first question is quickly revealed when you see a number of text files deposited in one of the application folders:

[Image: iwrz03.png]

Open up the "Musik" file, and you're presented with a long list of rather current albums:

[Image: iwrz04.png]

A quick check of network traffic and the source of the lists is clear:

[Image: iwrz07.png]

Compare the list of albums above with the below screenshot of the Top Album Torrents on The Pirate Bay, organised by number of Seeders:

Popular Pirate Bay Downloads, originally uploaded by Paperghost.

In a simple (yet rather clever) move, the program ranks each type of file by the number of seeders it has on The Pirate Bay, then rips the names of the top files (be it music, video or something else altogether) and arranges them in lists on your PC. From there, it is child's play to apply the names of the files to your infections (it also allows you to change file sizes, icons and remove version data to make your infection look more like the real thing), then offer them as downloads on forums, free file hosting and anywhere else the attacker can think of.

By using this tool, someone with a penchant for rogue file distribution is always going to have an easy-to-use list of the freebies most in demand by downloaders, and (unfortunately for us) it all makes pimping their infections that little bit easier.
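Because the name, size and icon of such a file are all chosen by whoever made it, the useful check on the receiving end is the content itself. The following is an added example, not part of the original post or of the tool it describes: it flags downloads that carry a popular title in their name but are actually Windows executables. The title list, file names and byte strings are constructed for illustration.

```python
import re
import struct

# Constructed sample titles; a real deployment would supply its own list.
POPULAR_TITLES = ["Example Artist - Greatest Hits", "Sample Movie 2009 DVDRip"]

def is_pe(data: bytes) -> bool:
    """True if data has a DOS 'MZ' header whose e_lfanew points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (pe_offset,) = struct.unpack_from("<I", data, 0x3C)
    # An out-of-range offset yields an empty slice, which simply fails the match.
    return data[pe_offset:pe_offset + 4] == b"PE\x00\x00"

def normalize(name: str) -> str:
    """Lower-case and collapse punctuation: 'Sample.Movie_2009' -> 'sample movie 2009'."""
    return " ".join(re.sub(r"[^a-z0-9]+", " ", name.lower()).split())

def flag_lures(files: dict, titles=POPULAR_TITLES) -> list:
    """Names of files that are PE executables yet are named after a popular title."""
    wanted = [f" {normalize(t)} " for t in titles]
    hits = []
    for name, data in files.items():
        if not is_pe(data):
            continue  # genuine media or other non-executable content
        padded = f" {normalize(name)} "
        if any(t in padded for t in wanted):
            hits.append(name)
    return sorted(hits)

# Constructed inputs: a minimal PE stub (MZ header, e_lfanew = 0x40, PE signature)
# and the first bytes of an MP3 file with an ID3 tag.
FAKE_PE = b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x40) + b"PE\x00\x00"
FAKE_MP3 = b"ID3\x03\x00\x00" + b"\x00" * 64

SAMPLE_DOWNLOADS = {
    "Sample.Movie.2009.DVDRip.avi.exe": FAKE_PE,     # title match + executable
    "Example_Artist-Greatest_Hits.exe": FAKE_PE,     # title match + executable
    "Example Artist - Greatest Hits.mp3": FAKE_MP3,  # title match, real media
    "setup.exe": FAKE_PE,                            # executable, no title match
}

if __name__ == "__main__":
    for name in flag_lures(SAMPLE_DOWNLOADS):
        print("suspicious:", name)
```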

Talk about harnessing people power...

About this Entry

This page contains a single entry by Christopher Boyd published on November 19, 2009 4:06 PM.