According to TorrentFreak, researchers report that “one third of all torrents uploaded to The Pirate Bay point to malware or scams“.
The Pirate Bay (TPB) is the world’s most popular BitTorrent (file sharing) website – currently the 81st most visited website in the world (per Alexa) and hosting over 4 million torrent links including music, films and TV videos.
As a result of the content offered TPB is often the subject of legal challenges – numerous courts have found that it infringes copyright and many countries (e.g. the UK) force ISPs to block the site – with spectacularly little success as it’s simple to bypass the block…
However, the legality of downloading torrents aside, this research raises important security issues for BitTorrent users. During a two week period the researchers found that one third of all torrent files uploaded to TPB are actually links to malware or scams.
Although most of the offending fake links were removed by TPB moderators within hours, this would have been too late if you were one of the unlucky users who downloaded the fake torrent before then.
The researchers also found that 90% of all the fake files were seeded (initially uploaded) by just 20 IP addresses. Using this factor they have developed a free TorrentGuard tool for BitTorrent users to check a torrent before downloading it:
TorrentGuard Tool is available as a Vuze plugin or as a manual check via the webpage here.
Whilst TorrentGuard can’t be 100% effective in spotting fakes, the researchers estimate that 10 million fake downloads per year can be prevented by its use.
Conclusion
Best security (and legal issues) would require users to avoid downloading Torrents at all unless they are from known good websites e.g. the popular free Office suite LibreOffice offer their 200MB installer as a Torrent file because it may be quicker to download than from LibreOffice servers.
However, if you download Torrents for other purposes, the TorrentGuard app is a useful addition to your security arsenal – and should be backed up by a top internet security suite to help mitigate against malware found in Torrent downloads.