Hackers Surreptitiously Downloading Mr. Bean To Your Computer?

from the what-will-they-think-of-next? dept

A few years ago, we noted a novel approach to people defending themselves against computer crime: "a virus did it." It even worked for a guy who was charged with tax evasion, despite the fact that no virus could be found on his computer -- and it only seemed to impact him. However, with malware writers getting more and more sophisticated these days, it's increasingly likely that malicious hackers could do bad things on your machine, leaving you on the hook. We've already discussed how the entertainment industry's lawsuits seem weak since they can't really prove who was responsible for anything they see -- and it looks like some malicious hackers may be taking advantage of that. Someone over at Digg points to a story about a surreptitiously installed rootkit that installs BitTorrent and starts downloading movies (in this case, Mr. Bean) to the infected computers. It's not hard to see how someone could then be accused by the entertainment industry of illegally sharing the movie, even though they had no idea it was even on their computer. While the original poster isn't entirely sure why they're doing this, it's not hard to come up with a few ideas. Remember those online extortion rings that would threaten sites with denial of service attacks if they don't pay up? Imagine the same thing directed at individuals, threatening to get them in trouble for all sorts of illegal things on their computer that they had no idea were even there.

Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Anonomous, Dec 20th, 2005 @ 9:45pm

    No Subject Given

    I was a victim of something similar. A malware installed a torrent on my computer and used it to download viruses and spyware. I had to reformat my computer to get rid of it all, and it still lags.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Sean Feeney, Dec 20th, 2005 @ 9:56pm

    Re: No Subject Given

    Poor hardware is still poor hardware after a re-format.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Landon, Dec 20th, 2005 @ 11:03pm

    No Subject Given

    Hahhaa. I love it. I now have an out to download stuff, and get away with it. It would have been a little nice though if someone would have done this, I dunno... say 4 or 5 years ago...

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    RefriedBeaner aka Ozzy1644, Dec 21st, 2005 @ 1:43am

    Re: No Subject Given

    Hahah, I was going to say that too. How the F is your comp going to lag after u do a fresh install? Sorry dude but ur a tarded. And if you are getting malware and spyware installed on your computer from using BT(BitTorrent), then BT is not for you. Also how stupid can you be not to see that your bandwidth was being hogged by something else. And if you knew that it was there how hard was it to unplug ur cat5 out of you NIC DUH!!!!!!!

    BTW yes PC users have excuse for dl'n ilegal stuff, alas us *ix users where viruses don't exist for uss. Haha

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    AngloAfro, Dec 21st, 2005 @ 1:46am

    old idea, new data....

    I had a trojan do something similar about 6 years back, it published a directory on my computer and started replicating a warez site on my hard drive. It was actually kind of convenient at the time because it gave me a modest collection of music and porn, but after it consumed all the free space on my hd, I decided to remove it.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    acb, Dec 21st, 2005 @ 2:30am

    Automated extortion

    I was wondering a while ago how long until some clever organised criminals start running automated extortion campaigns. It would work by sending out malware containing encrypted child pornography or something similarly illegal. The program would inform the victim that the "evidence" has been surreptitiously concealed around their hard disk (and burned media and such) over the past N months and that, unless a payment is made (to an anonymous e-cash account in Russia or Somalia or somewhere hard to prosecute), a remote server will send details to the police/their nosy neighbours. Or possibly start spamming their address book with snuff movies or whatever.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Radioactive Halo, Dec 21st, 2005 @ 2:43am

    Here a reason:

    Come up with a list of, say, your 25 fav movies.
    Make 25 versions of said virus, (1 Movie each, or if you are really enterprising, 2,5 or maybe 10 diff movies per virius). Drop them on 25 computers and let their bandwidth soak it up at a slower speed in hopes they don't notice (And what AOL user would?). Then Dl them from the client to your machine. Really, how many putertards notice the upload bandwidth do anything at all let alone cap out?

    Hmmm... I have work to do ;)

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    z0idberg, Dec 21st, 2005 @ 4:39am

    Re: Here a reason:

    Thats one possibility.

    That would pretty much guarantee you dont get a visit from the MPAA lawyers. Only the infected users with the infected PCs are downloading it from the P2P network.

    Another possibility would be these are being installed by some arm of the MPAA themselves providing them with targets to aim lawsuits at to make an example of a few more people.

    Ordinarily I would say there is no way they would be that underhanded, but 6 months ago I would have said the same thing if someone told me Sony were installing rootkits through their audio CDs....

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Oliver Wendell Jones, Dec 21st, 2005 @ 4:52am

    Re: No Subject Given

    Sorry dude but ur a tarded.

    Based on your spelling and grammar, one could say much the same about you.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    sharp, Dec 21st, 2005 @ 6:03am

    Re: No Subject Given

    beaner has no idea what he's doing

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    dafourthhorseman, Dec 21st, 2005 @ 6:20am

    still not sharing

    just because a virus downloads a torrent program to your computer and mysteriously begins to download movies without your consent still doesnt mean you are allowing them to be uploaded. It also doesnt mean that just because it is on your machine that you are sharing it either. So then what is the real issue, downloading or sharing?

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    madmyk, Dec 21st, 2005 @ 6:26am

    everybody should do it...

    sounds like a good way to bankrupt the movie and record industry. If everybody had this virus on thier computer they could download movies and music to thier computer without a care, because when thier computers are inspected the virus would be found and they could blame it. There wouldn't be a single case which the RIAA or MPAA could win because it would all look like an ACCIDENT.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Michael, Dec 21st, 2005 @ 6:29am

    Re: Here a reason:

    z0idberg,

    "Never attribute to malice that which can be adequately explained by stupidity."

    Sony isn't evil. Granted, someone somewhere in there knew what was going on, but I'd guarantee that the executive decision makers were too technically ignorant to understand the real impact. It's just a case of stupidity.

    As for the rest of your conspiracy theory... good luck with that.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Max, Dec 21st, 2005 @ 7:10am

    Here's an Idea!

    Maybe someone should do that to the MPAA computers! Then they could sue themselves!

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Landon, Dec 21st, 2005 @ 10:34am

    No Subject Given

    I think im just going to put one of those old fashioned sub7 trojans on my computer if I were to ever get caught... remember sub7?

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    ME, Dec 21st, 2005 @ 11:57am

    sub7

    hahaha yeah that was great fuck around with back in the day!

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    thatguy, Dec 21st, 2005 @ 12:53pm

    Re: everybody should do it...

    EXACTLY. That's the thing hackers are getting at. Virus writers aren't all bad. Remember, if enough people get this installed, then people won't be held responsible for the movies/music they download and the MPAA/RIAA won't be able to sue anymore. Therefore they'll finally change their business model.

    Even if you don't have the virus on your computer, you would be able to make the claim that you reformatted your HD to get rid of the virus/other problems. People reformat all the time. So even if they do have an ISP log of you downloading a movie and try to sue you 6 months later for it, you can claim to have reformatted after getting the virus and removed the movie in the process. Any decent lawyer could win this case. This is the future of these lawsuits once people start to figure it out.

    The people who write these viruses are saviors. People just don't realize it yet.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    RefriedBeaner aka Ozzy1644, Dec 21st, 2005 @ 1:17pm

    Re: No Subject Given

    I meant to say ur a tard. WTF nobody can make an error? That is how famous words like pr0n came about. But anyways, I still say that doing a fresh install should've fixed everything.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    John, May 8th, 2006 @ 6:01am

    I had exactly this same idea only I envisioned it as a plugin that you could get for azureus that would randomly select a torrent to partially DL and seed (upload more than DL) that you could activate when you had bandwidth to spare because you don't know what was DL'd/UL'd you could simply claim you thought it was limited to innocent noninfringing torrents or weren't sure how it worked or you could claim simply that you are active as a proxy to annonymize bit torrent data and simply claim that as legitimate. (again you wouldn't need to know)

    Though there are a number of ways that this could be defeated by the MPAA there are just as many ways it could be improved so the MPAA couldn't defeate it.

    I believe that in either form (virus or anonymizer/seeder) it is the best answer to making bt safe enough for general use while not slowing it down or requiring a special network like i2p, actually as stated it could be made to increase DL speed for others on the torrentrs you seed.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    klick81, Aug 11th, 2006 @ 9:51pm

    ya know.. this virus excuse ain't gonna hold up for long. if it's your computer that had the virus, it is your responsibility to maintain that computer and keep it virus/malware free. just as an example, if you're going 60mph down the highway and all the sudden your car throws a rod cuz you havent changed the oil in a year and you lose control and smash into a car full of people and they die... you killed 'em. the courts will find you guilty and you will pay the price. same thing. just because you didnt have control of your computer due to not maintaining your antivirus/etc doesnt mean you shouldnt have and arent responsible for the damages.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Bob, Dec 28th, 2006 @ 5:15am

    Re:

    There is a major difference between you car, which you are legally bound to maintain and operate with in the set laws and a computer which you sign absolutly no legal binding agreement on use or maintainance. I'm not disagreeing with your point, nessicarly, just your reasoning.

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    m_sripathy1997, Aug 8th, 2008 @ 7:36am

    mr.bean

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
Advertisement
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
Advertisement
Recent Stories
Advertisement
Support Techdirt - Get Great Stuff!

Close

Email This

This feature is only available to registered users. Register or sign in to use it.