TorrentGuard: The most effective tool against BitTorrent malware
10 September 2012
BitTorrent is not immune to malware. Sites like The Pirate Bay, due to the huge volume of content distributed through them, inevitably carry a lot of scams, fakes and malware among their files. According to researchers, at least one third of what TPB hosts is this kind of content, in the form of fake torrents. This led to the creation of TorrentGuard, a tool that lets users themselves identify such files, and which TPB is working to optimize and implement.
The fact is that, due to its large number of users each month, BitTorrent is a clear target for a wide range of scams and fake torrents, which are downloaded by users lured by the names of popular films or TV series. In most cases, once the file is downloaded, users end up being forwarded to malicious web sites or installing malware.
The Pirate Bay is probably the site where this kind of activity is most prevalent in BitTorrent. For this reason, a group of researchers decided to monitor all the files it contained over a period of two weeks.
Researchers found that, out of 29,330 torrent files, 12,209 were “fake” and were removed. This means one out of every three uploaded torrents is fake, either malware or some kind of scam. While TPB moderators and administrators are constantly removing them, researchers warned that, within one year, millions of users would end up downloading those fake files.
And this is where TorrentGuard comes in: a system capable of describing and analyzing the issue of fake torrents, and a tool that lets users themselves check torrents before they are downloaded. It is provided as a Vuze plugin, but is also available as a web service.
And how does it work? According to their description, the system can identify malicious files because most of them are uploaded by a small group of uploaders. 90% of all fake files were “seeded” by only 20 IP addresses. Therefore, according to statistics, TorrentGuard can prevent around 10 million fake downloads a year.
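The idea described above, as an added example that is not TorrentGuard's own code: it derives a small set of suspicious seeder IPs from torrents already removed as fake and uses it as a pre-download check. The record layout, function names, thresholds and sample data are assumptions made for this sketch.

```python
from collections import Counter

# Constructed observations: (torrent_id, initial_seeder_ip, removed_as_fake).
# IPs come from the RFC 5737 documentation ranges.
OBSERVED = (
    [(f"a{i}", "192.0.2.10", True) for i in range(5)]
    + [(f"b{i}", "192.0.2.11", True) for i in range(4)]
    + [("c0", "198.51.100.7", True)]
    + [(f"c{i}", "198.51.100.7", False) for i in range(1, 5)]
    + [(f"d{i}", "203.0.113.5", False) for i in range(3)]
)

def suspicious_seeders(observations, coverage=0.9, min_fake_ratio=0.8):
    """Smallest set of seeder IPs that explains `coverage` of known fakes.

    IPs whose uploads are mostly legitimate (shared NAT, seedbox) are skipped
    so that one bad upload does not taint every torrent from that address.
    """
    fakes, totals = Counter(), Counter()
    for _, ip, is_fake in observations:
        totals[ip] += 1
        fakes[ip] += is_fake
    all_fakes = sum(fakes.values())
    flagged, covered = set(), 0
    # Highest fake count first; ties broken by IP for a stable result.
    for ip, n in sorted(fakes.items(), key=lambda kv: (-kv[1], kv[0])):
        if all_fakes == 0 or covered / all_fakes >= coverage:
            break
        if n / totals[ip] >= min_fake_ratio:
            flagged.add(ip)
            covered += n
    return flagged, (covered / all_fakes if all_fakes else 0.0)

def verdict(seeder_ip, flagged):
    """Pre-download check for a torrent, given its initial seeder's IP."""
    return "likely fake" if seeder_ip in flagged else "no known bad seeder"

if __name__ == "__main__":
    flagged, share = suspicious_seeders(OBSERVED)
    print(sorted(flagged), f"{share:.0%} of known fakes")
    print(verdict("192.0.2.11", flagged), "/", verdict("198.51.100.7", flagged))
```

The ratio threshold is what keeps a shared address with a single bad upload off the list; lowering it trades false positives for coverage.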
Rubén Cuevas, a researcher from the Carlos III University of Madrid who has worked on the project, talked about it with TorrentFreak:
While we know most power users are aware of these risks and can identify fake torrents in most cases, a large percentage of BitTorrent users are not skilled enough to tell fake torrents from legitimate ones. We hope our research will enable at least part of the non-skilled users to become aware of this threat and thus be more careful when selecting torrents to be downloaded.
In addition to The Pirate Bay, OpenBitTorrent and PublicBitTorrent have already said they will cooperate with the researchers to improve the tool. In that case, the most powerful malware detection tool available for this protocol would make it possible to prevent about 35 million fake downloads.