Wednesday, March 6, 2019

It's that time again

Yup.  Like it says, here we go.

PirateMatryoshka

Torrent site infecting people with malware

Makes for great headlines.  Here's the actual report on Securelist for deeper reading.

Torrents make for easy targets, since the people using them are stereotyped as doing so for less-than-above-board reasons.  Any judgements aside, caution needs to be exercised regardless of why you are torrenting a file.

For downloaders:


  • Be cautious.  Look at the number of seeders and peers.  Those counts are easy to abuse and inflate.  Use https://iknowwhatyoudownload.com/en/api/ and sign up for the API.  Look for the amount of activity there and double check it against what you are seeing.
  • Look up the tracker.  If you can't easily find it via your favorite search engine, reconsider downloading from it.
  • Look for comments.  See if they sound human and make sense.  You know what to do if they don't.
  • Any kind of instructions are a dead giveaway of a likely bad file.  If it asks you to log in, provide data, authenticate, etc. -- you are about to be phished, infected or generally done over in a very painful way.
  • File types matter.  Use caution with an archive (rar, zip, 7zip, etc.) and completely avoid executable files if possible.
  • Download to a safe location.  If you can, use a virtual machine.


For Researchers:

Head to here.  Sign up for an API key.  You can query up to 1000 times for free.  You can pivot off a lot of interesting elements here.  My favorite one is the infohash, which returns JSON with the following fields.


Feel free to dig to your heart's content.  Here's the full breakdown of what's available via the API.

You can also do it yourself with a bit of elbow grease:  http://labs.boramalper.org/magnetico/
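A triage sketch for two of the points above (file types matter, and the infohash as a pivot), added here as an example and not code from this post or from any of the linked services: it parses a .torrent metainfo file offline, computes the BitTorrent v1 infohash (SHA-1 of the bencoded info dictionary) so you have something to look up, and sorts the payload by extension. The extension sets, function names and the sample torrent bytes are assumptions constructed for illustration.

```python
import hashlib
import os

EXECUTABLE = {".exe", ".scr", ".bat", ".cmd", ".com", ".msi", ".vbs", ".js", ".ps1", ".lnk"}
ARCHIVE = {".rar", ".zip", ".7z"}          # assumed lists, extend to taste

def bdecode(data, i=0):
    """Decode one bencoded value starting at data[i]; return (value, next index)."""
    c = data[i:i + 1]
    if c == b"i":                           # integer: i<digits>e
        end = data.index(b"e", i)
        return int(data[i + 1:end]), end + 1
    if c in (b"l", b"d"):                   # list or dict: items until the closing 'e'
        items, i = [], i + 1
        while data[i:i + 1] != b"e":
            value, i = bdecode(data, i)
            items.append(value)
        return (items if c == b"l" else dict(zip(items[0::2], items[1::2]))), i + 1
    if c.isdigit():                         # byte string: <length>:<bytes>
        start = data.index(b":", i) + 1
        end = start + int(data[i:start - 1])
        if end > len(data):
            raise ValueError("truncated string")
        return data[start:end], end
    raise ValueError("malformed bencode at offset %d" % i)

def triage(torrent):
    """Return the v1 infohash and the payload file names grouped by risk."""
    i, info, raw = 1, None, b""
    while torrent[i:i + 1] != b"e":         # walk the top-level dictionary by hand
        key, start = bdecode(torrent, i)
        value, i = bdecode(torrent, start)
        if key == b"info":
            info, raw = value, torrent[start:i]   # the exact bytes that get hashed
    if torrent[:1] != b"d" or not isinstance(info, dict):
        raise ValueError("not a torrent metainfo file")
    paths = ([b"/".join(f[b"path"]) for f in info[b"files"]]   # multi-file torrent
             if b"files" in info else [info[b"name"]])         # single-file torrent
    report = {"infohash": hashlib.sha1(raw).hexdigest(),
              "executable": [], "archive": [], "other": []}
    for name in (p.decode("utf-8", "replace") for p in paths):
        ext = os.path.splitext(name.lower())[1]
        kind = "executable" if ext in EXECUTABLE else "archive" if ext in ARCHIVE else "other"
        report[kind].append(name)
    return report

# Constructed sample metainfo (not a real torrent): three payload files.
SAMPLE_INFO = (b"d5:filesld6:lengthi10e4:pathl9:setup.exeee"
               b"d6:lengthi20e4:pathl8:data.rareed6:lengthi30e4:pathl3:sub9:movie.mkvee"
               b"e4:name5:movie12:piece lengthi16384e6:pieces0:e")
SAMPLE = b"d8:announce21:udp://tracker.invalid4:info" + SAMPLE_INFO + b"e"
```

Calling `triage(open(path, "rb").read())` on a .torrent file before handing it to a client gives you the file list and the infohash without touching the swarm.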
