We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Hackers try to exploit illegal downloading fears

Trojan claims illegal torrents detected on PC

Hackers are exploiting the controversy surrounding illegal downloading in a bid to steal credit card details from web users, says F-Secure.

The security vendor has identified a Trojan that attempts to get PC users to believe an 'Antipiracy foundation scanner' has found illegal torrents on the system.

The warnings reappear every time the user reboots their system and encourage them to fork out $400 (£259) to ICPP Foundation in a "pre-trial settlement" to cover a "copyright holder fine".

It also claims refusal to pay the fine could result in a jail sentence.

The Trojan's warnings echoes genuine letters sent by law firms on behalf of copyright holders. The letters claim the recipient's internet connection has been used to illegally download music, movies or games and as result they will be required to pay a fine.

However, F-Secure says there is no ICPP Foundation, despite the group behind the Trojan setting up an official-looking website with the URL www.icpp-online.com, and the messages will appear even if the system contains no illegal material whatsoever.

Furthermore, for those that do attempt to pay the fine there is no obvious credit-card payment system connected to the site. F-Secure said the criminals behind the scam just seem to collect the credit card information.

"Refuse to pay money to these clowns! If people pay them, the problem will only grow bigger," says the security vendor.

F-Secure revealed that the domain is registered to Mr Shoen Overns' with a contact email of [email protected]

The security vendor said the email address has been seen before in various other domains, connected to Zeus and Koobface scams.

"The gang behind this attack already has large botnets at their disposal. We assume they've simply uploaded this malicious application to the bots they already control," said Mikko H Hypponen, chief research officer at F-Secure

"People know that movie studios and record labels are playing hardball against pirates. This might actually make some users fall for this scam".

F-Secure advised web users that have been infected with the Trojan to use an antivirus programme to detect and remove it immediately.

See also: Concern over surge in banking Trojans

IDG UK Sites

What is Google Photos? How to back up and share all of your photos for free

IDG UK Sites

Why I think the Apple Watch sucks and you'd be mad to buy it

IDG UK Sites

Swatch launches a colourful smartwatch

IDG UK Sites

New Apple TV 2015 release date rumours: TV streaming service delayed, hand gesture interface being...