Malware attack on 400k PCs caused by backdoored BitTorrent app
A recent malware campaign that attempted to install a resource-draining currency miner on more than 400,000 computers in 12 hours was caused by a malicious backdoor that was sneaked into a BitTorrent application called Mediaget, a Microsoft researcher said Tuesday.
The failed campaign is the latest example of what researchers call a supply-chain attack, which aims to infect large numbers of people by compromising a popular piece of hardware or software. Other examples of recent supply-chain attacks include a backdoored update of the CCleaner disk-maintenence program delivered to 2.27 million people, a tainted version of the Transmission BitTorrent client that installed ransomware on Macs, and a collection of malicious Android apps that came preinstalled on phones from two different manufacturers.
One of the more significant supply-chain attacks to come to light was the tampering of the update process for M.E.Doc, a tax-accounting application that's widely used in Ukraine. The compromised update seeded the NotPetya wiper worm, which shut down computers all over the world last July.