Utorrent Has Malware

brianleahy

Colonel Panic
#1
Just downloaded "µTorrent Stable(1.8.7 build 37979)" - and routinely ran it through virus barrier.

It's got "OS X/Spigot.A" according to Virusbarrier.

Beware. I'm officially a permanent non-uTorrent user.
 
#3
Just downloaded "µTorrent Stable(1.8.7 build 37979)" - and routinely ran it through virus barrier.

It's got "OS X/Spigot.A" according to Virusbarrier.

Beware. I'm officially a permanent non-uTorrent user.
This is a clarification, not a contradiction. I note that that you did not name the site from which you downloaded µTorrrent 1.8.7. The omitted information is relevant as will become clear below. Spigot is an adware engine. We tend to think of adware and malware as the work of nefarious people and the just desserts of those engaged in bad computer practices. Over the last year or so, this has changed. Formerly trusted repositories of computer software now distribute Spigot and other adware engines along with the software that you are downloading.

A particularly egregious offender is CBS Interactive--a division of the same company that brings you 60 Minutes and NCIS. Popularly known as c|net Download.com, this has been one of the most popular and trusted repositories of software for Mac and Windows for decades. However, Download.com downloads an installer rather than downloading your software directly. If you read the small print carefully and opt not to accept the adware, then you will get a clean .dmg disk image file used by the developer to distribute its software. However, the default is to download and install the adware.

There is another rather pernicious strategy for distributing adware for the Mac. Certain sites are now setup for the singular and sole purpose to tricking the user to click on a "desirable" video. The site then claims that you must download a viewer to view the video. The only way to escape the download window is to kill the browser window. If you consent, then the site will download an adware infected version of MPlayer X or another well-known video player.

In preparation for this response, I downloaded µTorrent 1.8.7 directly from the uTorrent.com website. I scanned the mounted .dmg file using AdWareMedic. AdWareMedic did not detect Spigot or any other adware. I also downloaded µTorrent 1.8.7 using the CBS Interactive Download.com website. The site downloaded a copy of the µTorrent .dmg rather than an installer.

Now that you understand why sharing the download site for the source of your infected software is important, would you mind sharing that information with us?
 

Satcomer

In Geostationary Orbit
#4
Just downloaded "µTorrent Stable(1.8.7 build 37979)" - and routinely ran it through virus barrier.

It's got "OS X/Spigot.A" according to Virusbarrier.

Beware. I'm officially a permanent non-uTorrent user.
The more I think about your situation is don't download from the CBS Download Site and instead use the Mac App Store and MacUpdate.com. This way you know you getting this trusted sources, besides you can read users experiences with the software you are trying out.
 
#5
Satcomer's got it right. Always get it direct from the source. C|Net, Download.com, CBS Download Site -- none of those are the company that produces uTorrent (for example), so why download it from them?

While they may or may not be great places to browse and search for software, my recommendation would be once you find a piece of software you want, research that software, find out who produces it, then go directly to their site to download it. MacUpdate.com and the like typically link directly to the software from the producer's website instead of wrapping it in some kind of branded, 2nd-layer installer that installs adware along with the software you're interested in.
 
Top