Thursday, March 15, 2018

Malware attack on 400k PCs caused by backdoored BitTorrent app


A recent malware campaign that attempted to install a resource-draining currency miner on more than 400,000 computers in 12 hours was caused by a malicious backdoor that was sneaked into a BitTorrent application called Mediaget, a Microsoft researcher said Tuesday.

The failed campaign is the latest example of what researchers call a supply-chain attack, which aims to infect large numbers of people by compromising a popular piece of hardware or software. Other examples of recent supply-chain attacks include a backdoored update of the CCleaner disk-maintenance program delivered to 2.27 million people, a tainted version of the Transmission BitTorrent client that installed ransomware on Macs, and a collection of malicious Android apps that came preinstalled on phones from two different manufacturers.

One of the more significant supply-chain attacks to come to light was the tampering with the update process for M.E.Doc, a tax-accounting application that's widely used in Ukraine. The compromised update seeded the NotPetya wiper worm, which shut down computers all over the world last July.

Source: https://arstechnica.com/?p=1275803 via #PCH3lp, by Dan Goodin

Original Post: https://arstechnica.com/information-technology/2018/03/malware-attack-on-400k-pcs-caused-by-backdoored-bittorrent-app/
