Security researcher warns on malware-infested cracked software

According to Krebs, he previously had little more than anecdotal evidence that cracked software is infested with malware, but that situation has now changed.

"Recently, I heard from Alfred Huger, vice president of engineering at Immunet, an anti-virus company recently purchased by Sourcefire. Huger was reaching out to offer feedback on my Three Rules for Online Safety post”, he said.

Huger told Krebs that the rules should have included this warning: Do not download pirated software and cracks from filesharing networks and crack sites because they are a major source of malware infections.

The Immunet VP of engineering revealed that malware infections are closely correlated with cases in which Immunet users opted to dispute its malware detection for specific files.

Files that are flagged by anti-virus programs, he adds, are considered malicious and are placed in a quarantine area on the user's system. But if users still want to access the file, or they don't believe or care that it is malicious, they can reverse or 'roll back' that flag.

"A roll back to us is a file which we [flagged as infected] but people disagreed with the conviction and rolled it out of quarantine", Huger told Krebs, adding that in almost every case where users had rolled back an infection flag, it involved cracked or pirated material of some type.

As an example, Huger said that in the previous week, more than 100 Immunet users had rolled back infected files that install copies of the Conficker worm, among other malware.

"I am doing false positive management again this morning", Huger told the security researcher last week.

"In the last 7 days 484 people in my community rolled this out from quarantine. It's frustrating to see because I know once they get infected it's going to be pure misery for them", he said.

Krebs says he hopes it is clear from his security blog that downloading pirated software and software cracks is among the fastest and most likely ways to infect your computer with something that ultimately hands control of your PC over to someone else.
