This band of vigilantes is hitting internet pirates with malware attacks

The do-gooder malware

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cybersecurityresearchers have chanced upon an “oddball”malwarethat aims to prevent infected users from visiting websites that host pirated software.

Principal Researcher atSophosLabs Andrew Brandt says it is one of the “strangest cases” he’s seen in a while.

“Instead of seeking to steal passwords or to extort a computer’s owner for ransom, this malware blocks infected users’ computers from being able to visit a large number of websites dedicated to software piracy,”writes Brandtof the so-called vigilante malware.

Brandt suggests the malware blocks the website using the HOSTS file on the infected system; a method he refers to as “crude but effective.”

Noble intentions

Noble intentions

In his breakdown of the malware, Brandt notes that its authors disguise it as cracked versions of popular online games such asMinecraft, as well as productivity tools, security tools, and other popular software.

The malware is distributed via ThePirateBay, notorious for hosting all sorts of pirated content including software, as well as through the game chat serviceDiscord.

Upon execution it displays a fake error message, while in the background it runs a couple of checks before modifying the HOSTS file.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Sophos put the malware through its paces and it appears it really does nothing sinister except prevent users from accessing online repositories that host pirated software.

Brandt concludes that the malware modifies no other file besides the HOSTS file, which can easily be cleaned using a simpletext editor.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

Quordle today – hints and answers for Saturday, November 9 (game #1020)