How Does One Get Malware from Torrents?

I don't know much about torrents. Is it you try to download a file, such as LibreOffice. You get a tiny torrent link for LibreOffice. A torrent service such as uTorrent download pieces of the file from many different computers, referred to as seeds?

So if the file you torrent comes from many different parts, how can you get malware, as the malware would be broken up?

Does it come from a malware torrent masquerading as a useful file, such as LibreOffice?

 

Im not that up on torrents and i dont use them personally but ive been led to believe that bit torrents are the most dangerous as "bits" of a program are coming from several unknown computers..I think thats how it works anyway.
Others may know more.

 

How BitTorrent distributes files isn't particularly relevant; "seeds" are just computers that have the full file (not just bits) and are uploading, and peers are computers that are still downloading (and thus uploading the parts that they do have as well). Anyone can create a torrent and share files. So someone creates a torrent for a trojan and calls it a crack, people download and run it. Likewise they could bundle malware in with a legit program and upload it, or unintentionally upload an infected program.

 

The adjective "share" is the real danger here..i dont get involved in any form of file sharing what so ever and the whole concept by nature is prone to abuse.

 

The real problem is that if you download something from unknown sources, you have no control over it and no assurance of it being good or free from malware. When you download apps via p2p, you take your chances...

 

I have gotten Java malware before from one.

 

Simple put, you do not. You will download, what is within the torrent and nothing more, it is not sharing like Windows sharing, it is the same like downloading from a webpage through HTTP, no difference at all. I have spent years downloading torrents and I know no one, who would got infected like that. You can only download malware, if it is in the torrent in disguise. So avoid fake torrents and torrent webpages without comments, where people could reports problems, use webpages like piratebay or torrent forums.

 

Best Answer = TOMxEU's post.

I wholeheartedly agree. A download is a download, be it torrent or otherwise. Now what you get in the torrent is a another story.

I am download a torrent right now (CentOS-6.3-x86_64-LiveDVD).

 

Any file can be renamed to anything, matters not the download vector.

 

If you are careful, you will not get any malware from torrents. For instance, if you download a Linux distribution you will probably be able to find the checksums for your download on the official page for that distro, so you can check the downloaded file's validity.

 

Keygens

 

That's not torrent specific

 

True, but it's one possible way of getting malware from a torrent.

 

How you get malware from torrent?
Stoopidity.
Always download good torrents (By known/trusted uploaders) and scan everything in it all the time.

 

Remember when you could make a copy of a cassette, or put your album on one, back up your cd to keep the original from scratches. Now if you play with torrents, or make a mix cd which don't do, you end up getting in trouble. And would it not be helpful to the musicians and actors if a few people actually got to watch a movie, show, or listen to a cd that they would not otherwise buy until they became a fan?

 

By clicking on something that you thought was safe, but wasn't.

Could be:
- A PDF of some book with an embedded exploit
- A file with the wrong extension (social engineering)
- A cracked installer or keygen with a malicious payload

That last is probably the most common. I cannot emphasize enough, there is no safety with warez. If you did not break the DRM yourself, using your own methods and yours alone, then you do not know what you are getting; end of story. Antivirus engines and "trusted" uploaders can both be fooled.

 

Besides the usual advises against malware...

..Check the MD5 Hash to see if what you got from the torrent download is what you wanted.

A portable app that helps with that task: WinMd5Sum Portable

Of course you will need to know the genuine MD5 Hash in order to compare.

In the case of LibreOffice, their devs show this information in the link of the "Info" buttons available on their download page: example.

On some sites you can get genuine MD5 Hashes for various software installers. File Hippo is an example of such site.

Note: SHA-2 Hashes are more secure but it's generally harder to obtain them. See here:

- http://www.techsupportalert.com/best-free-hash-utility.htm

 

Keygens are the boogyman, sure if you go to crack sites they will be infected but on torrent's it's going to be file itself that is infected. Most of the time they repack a legit file with malware and send it out in those 0-DAY packs.

 

P2P file sharing risks

 

The same way like any other download vector.
You download crap and execute it.
Mrk