TorrentGuard: The most effective tool against BitTorrent malware

10 September 2012

BitTorrent is not immune from malware. Sites like The Pirate Bay, due the huge volume of contents distributed from them, obviously contain a lot of scams, fakes and malware among their files. According to researchers, at least one third of TPB houses this kind of contents in the form of fake torrents. This is the reason that led to the creation of TorrentGuard, a tool that will enable users themselves to identify this kind of files, that TPB is working to optimize and implement.

The fact is that, due to the large number of users each month, bittorrent is a clear target for a wide range of scams and fake torrents which are downloaded by users allured by names of popular films or TV series. In most cases, once the file is downloaded, users end up being forwarded to malicious web sites or installing malware.

The Pirate Bay is probably the site where this kind of activities are more prevalent in BitTorrent. For this reason, a group of researchers decided to monitor all the files it contained over a period of two weeks.

Researchers found that, out of 29,330 torrent files, 12.209 were“fake” and were removed. This means one out of every three uploaded torrents are fake, either malware or some kind of scams. While TPB moderators and administrators are constantly removing them, researchers warned that, within one year, millions of users would end up downloading those fake files.

And this is where TorrentGuard comes up. A system capable to describe and analyze the issue of fake torrents. A tool enabling users themselves to check the torrents before they are downloaded. A tool provided as a Vuze plugin, but also available as a web service.

And how does it work? According to their description, the system can identify malicious files because most of them are uploaded by a small group of uploaders. 90% of all fake files were “seeded” by only 20 IP addresses. Therefore, according to statistics, TorrentGuard can prevent around 10 million fake downloads a year.

Rubén Cuevas, a researcher from the Carlos III University of Madrid who has worked in the project, talked about it with torrentfreak:

While we know most power users are aware of these risks and can identify fake torrents in most cases, a large percentage of BitTorrent users are not skilled enough to tell fake torrents from legitimate ones. We hope our research will enable at least part of the non-skilled users to become aware of this threat and thus be more careful when selecting torrents to be downloaded.

In addition to The Pirate Bay, OpenBitTorrent and PublicBitTorrent have already said they will cooperate with the researchers to improve the tool. In that case, the most powerful malware detection tool available for this protocol would allow to prevent about 35 million fake downloads.

Read more:

In English:

• TorrentFreak: Researchers Counter Massive Onslaught of Fake Torrents
• ghacks.net: TorrentGuard research: 20 publishers responsible for 90% of fake torrents
• TechNews.AM: TorrentGuard research: 20 publishers responsible for 90% of fake torrents
• Wired.co.uk: Locations of the most prolific Pirate Bay uploaders revealed

In Spanish:

• ADSL Zone: Torrent Guard : Detecta archivos falsos y evita el malware en BitTorrent
• NEOTEO ABC: TorrentGuard: La solución parcial ante los torrents falsos
• ATL1040: TorrentGuard: la herramienta más eficaz contra el malware en BitTorrent
• menéame: TorrentGuard: la herramienta más eficaz contra el malware en BitTorrent
• Revista de tecnología: TorrentGuard: la herramienta más eficaz contra el malware en BitTorrent
• Sofhoy: Uno de cada tres torrents en Pirate Bay es spam o malicioso
• Xatakaon: Torrent Guard, una herramienta con sabor español para detectar torrents falsos