Bogus reborn Demonoid site tricks torrenters into downloading malware

first_imgBefore its shutdown, Demonoid was one of the most popular (semi)private torrent trackers on the Internet. Fans thought it was gone forever, until a new domain — D2.vu — popped up and proclaimed itself to be Demonoid reborn.An email blast went out that proudly proclaimed the news. An “amazing sequence of unlikely events” somehow led to the data from Demonoid’s Ukraine-based servers finding its way to eager members of the torrent scene.The emails were very well written — free from the grammar and syntax errors that often give away malicious Internet schemes. Nothing fishy here, Demonoid user… just good news! Simply click the link and log in with your summer 2012 credentials and you’re good to go!For some fans, the email was just too enticing. Unfortunately, they weren’t able to log in to the “new Demonoid.” Instead, they were greeted with a hearty serving of malware.Torrentfreak did some digging and tracked down the owner of the D2.vu domain. Interestingly, this individual had chosen to set up the new site on an American hosting company’s servers. By the time Torrentfreak got in touch with Ramnode, administrators had already suspended the account.Ramnode “[isn’t] sure what was going on with that VPS,” but noted that hosting malware may have been the bare minimum. They’ll know more after further investigation, but the D2.vu site on its servers will almost certainly have its plug pulled in the very near future.If you happen to be one of the users that fell into this trap, it’s time to do some password changes. If you re-used your Demonoid credentials anywhere important — Gmail, Hotmail, PayPal, Facebook, Twitter — then you should switch them up immediately. There’s a good chance a criminal somewhere is hammering away with them and trying to access your accounts.As if groups like the MPAA and RIAA hadn’t shaken up the torrent scene enough already, now we’ve got to deal with lowlife criminal elements trying to sleaze their way in to the picture. Take any such emails you receive in the future with a large scoop of salt, folks.last_img