We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Hackers try to exploit illegal downloading fears

Trojan claims illegal torrents detected on PC

Hackers are exploiting the controversy surrounding illegal downloading in a bid to steal credit card details from web users, says F-Secure.

The security vendor has identified a Trojan that attempts to get PC users to believe an 'Antipiracy foundation scanner' has found illegal torrents on the system.

The warnings reappear every time the user reboots their system and encourage them to fork out $400 (£259) to ICPP Foundation in a "pre-trial settlement" to cover a "copyright holder fine".

It also claims refusal to pay the fine could result in a jail sentence.

The Trojan's warnings echoes genuine letters sent by law firms on behalf of copyright holders. The letters claim the recipient's internet connection has been used to illegally download music, movies or games and as result they will be required to pay a fine.

However, F-Secure says there is no ICPP Foundation, despite the group behind the Trojan setting up an official-looking website with the URL www.icpp-online.com, and the messages will appear even if the system contains no illegal material whatsoever.

Furthermore, for those that do attempt to pay the fine there is no obvious credit-card payment system connected to the site. F-Secure said the criminals behind the scam just seem to collect the credit card information.

"Refuse to pay money to these clowns! If people pay them, the problem will only grow bigger," says the security vendor.

F-Secure revealed that the domain is registered to Mr Shoen Overns' with a contact email of [email protected]

The security vendor said the email address has been seen before in various other domains, connected to Zeus and Koobface scams.

"The gang behind this attack already has large botnets at their disposal. We assume they've simply uploaded this malicious application to the bots they already control," said Mikko H Hypponen, chief research officer at F-Secure

"People know that movie studios and record labels are playing hardball against pirates. This might actually make some users fall for this scam".

F-Secure advised web users that have been infected with the Trojan to use an antivirus programme to detect and remove it immediately.

See also: Concern over surge in banking Trojans


IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

Chromebooks: ready for the prime time (but not for everybody)

IDG UK Sites

Hands-on with Sony's latest smartglasses

IDG UK Sites

The 13 most inspirational Tim Cook quotes