We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Hackers try to exploit illegal downloading fears

Trojan claims illegal torrents detected on PC

Hackers are exploiting the controversy surrounding illegal downloading in a bid to steal credit card details from web users, says F-Secure.

The security vendor has identified a Trojan that attempts to get PC users to believe an 'Antipiracy foundation scanner' has found illegal torrents on the system.

The warnings reappear every time the user reboots their system and encourage them to fork out $400 (£259) to ICPP Foundation in a "pre-trial settlement" to cover a "copyright holder fine".

It also claims refusal to pay the fine could result in a jail sentence.

The Trojan's warnings echoes genuine letters sent by law firms on behalf of copyright holders. The letters claim the recipient's internet connection has been used to illegally download music, movies or games and as result they will be required to pay a fine.

However, F-Secure says there is no ICPP Foundation, despite the group behind the Trojan setting up an official-looking website with the URL www.icpp-online.com, and the messages will appear even if the system contains no illegal material whatsoever.

Furthermore, for those that do attempt to pay the fine there is no obvious credit-card payment system connected to the site. F-Secure said the criminals behind the scam just seem to collect the credit card information.

"Refuse to pay money to these clowns! If people pay them, the problem will only grow bigger," says the security vendor.

F-Secure revealed that the domain is registered to Mr Shoen Overns' with a contact email of [email protected]

The security vendor said the email address has been seen before in various other domains, connected to Zeus and Koobface scams.

"The gang behind this attack already has large botnets at their disposal. We assume they've simply uploaded this malicious application to the bots they already control," said Mikko H Hypponen, chief research officer at F-Secure

"People know that movie studios and record labels are playing hardball against pirates. This might actually make some users fall for this scam".

F-Secure advised web users that have been infected with the Trojan to use an antivirus programme to detect and remove it immediately.

See also: Concern over surge in banking Trojans


IDG UK Sites

4G to get faster and cheaper with Freeview spectrum: We're in for a wait though

IDG UK Sites

Why you shouldn't buy your gadgets at launch: Wait and pick up a bargain

IDG UK Sites

Artist creates a geometric rave in a chapel for The House of St Barnabus

IDG UK Sites

Mac mini (Late 2014) 1.4 GHz review: Mac mini is sort of upgradable, but is it any good as it is?