Tuesday, September 27, 2016 Headlines & Global News

RAUM Malware: Affected torrent sites, weaponized torrent files, malicious payload

A US security firm has discovered RAUM, an underground cyber crime network used by hackers to upload malware to popular torrent files. Affected torrent sites include The Pirate Bay, ExtraTorrent and Demonoid.

By Guneet Bhatia | Sep 23, 2016 11:36 AM EDT

Kickass Torrents
Kickass Torrents shut down (Photo : VietStar )

An underground network called "RAUM" is the next big thing in the world of cyber crime. This network, rather tool, helps hacker to load malicious coding to freely downloadable files available on popular torrent sites.

The revelation has been made by a security firm in the United States called InfoArmor. According to the security experts at the company, members of an Eastern European group called "Black Team" is using RAUM to upload malicious payloads to the most popular torrent files available on different sites.

The same network makes use of fake or hacked accounts to look after the world of piracy. They use popular torrent sites to upload malicious programs in the form of downloadable files. The group then uses the same accounts to give a spike to the malicious torrents.

As a result, such files appear on the top of the search page to attract users. As soon as the user downloads the torrent file and installs it, the malicious payload corrupts the system.

The security agency further revealed that the hackers can create their own account on RAUM, pay some amount of money and go through a rigrous process to be able to upload their malware to the torrent files. RAUM even recommends the files that can be used for uploading malware, based on the popularity and the number of downloads.

According to Softpedia, the seeding system used by RAUM is highly efficient and the torrent files affected by malware survive more than one month because of the same system. Some of the popular torrent sites affected by Raum include The Pirate Bay (TPB), Demonoid and ExtraTorrent.

The hackers are potentially targeting these sites because they are largely being used to download files, especially after other torrent sites such as Kickass torrents were shut down. It is rumored that Raum is the reason behind the "safe browsing" warning that the users have been getting in their browsers.

The most common files affected by malware attack include games, software packages and activation files for Mac OS and MS Windows.  

Like Us on Facebook

Copyright @ Headlines & Global News.