Utorrent Has Malware

Discussion in 'Mac OS X System & Mac Software' started by brianleahy, Mar 23, 2015.

  1. brianleahy

    brianleahy
    uix_expand uix_collapse
    Colonel Panic

    Joined:
    Sep 23, 2000
    Messages:
    1,590
    Likes Received:
    0
    Just downloaded "µTorrent Stable(1.8.7 build 37979)" - and routinely ran it through virus barrier.

    It's got "OS X/Spigot.A" according to Virusbarrier.

    Beware. I'm officially a permanent non-uTorrent user.
     
  2. Satcomer

    Satcomer
    uix_expand uix_collapse
    In Geostationary Orbit

    Joined:
    Jul 16, 2002
    Messages:
    9,444
    Likes Received:
    24
  3. MisterMe

    MisterMe
    uix_expand uix_collapse
    Registered

    Joined:
    Jun 30, 2002
    Messages:
    4,050
    Likes Received:
    4
    This is a clarification, not a contradiction. I note that that you did not name the site from which you downloaded µTorrrent 1.8.7. The omitted information is relevant as will become clear below. Spigot is an adware engine. We tend to think of adware and malware as the work of nefarious people and the just desserts of those engaged in bad computer practices. Over the last year or so, this has changed. Formerly trusted repositories of computer software now distribute Spigot and other adware engines along with the software that you are downloading.

    A particularly egregious offender is CBS Interactive--a division of the same company that brings you 60 Minutes and NCIS. Popularly known as c|net Download.com, this has been one of the most popular and trusted repositories of software for Mac and Windows for decades. However, Download.com downloads an installer rather than downloading your software directly. If you read the small print carefully and opt not to accept the adware, then you will get a clean .dmg disk image file used by the developer to distribute its software. However, the default is to download and install the adware.

    There is another rather pernicious strategy for distributing adware for the Mac. Certain sites are now setup for the singular and sole purpose to tricking the user to click on a "desirable" video. The site then claims that you must download a viewer to view the video. The only way to escape the download window is to kill the browser window. If you consent, then the site will download an adware infected version of MPlayer X or another well-known video player.

    In preparation for this response, I downloaded µTorrent 1.8.7 directly from the uTorrent.com website. I scanned the mounted .dmg file using AdWareMedic. AdWareMedic did not detect Spigot or any other adware. I also downloaded µTorrent 1.8.7 using the CBS Interactive Download.com website. The site downloaded a copy of the µTorrent .dmg rather than an installer.

    Now that you understand why sharing the download site for the source of your infected software is important, would you mind sharing that information with us?
     
  4. Satcomer

    Satcomer
    uix_expand uix_collapse
    In Geostationary Orbit

    Joined:
    Jul 16, 2002
    Messages:
    9,444
    Likes Received:
    24
    The more I think about your situation is don't download from the CBS Download Site and instead use the Mac App Store and MacUpdate.com. This way you know you getting this trusted sources, besides you can read users experiences with the software you are trying out.
     
  5. ElDiabloConCaca

    ElDiabloConCaca
    uix_expand uix_collapse
    U.S.D.A. Prime

    Joined:
    Aug 22, 2001
    Messages:
    14,533
    Likes Received:
    18
    Satcomer's got it right. Always get it direct from the source. C|Net, Download.com, CBS Download Site -- none of those are the company that produces uTorrent (for example), so why download it from them?

    While they may or may not be great places to browse and search for software, my recommendation would be once you find a piece of software you want, research that software, find out who produces it, then go directly to their site to download it. MacUpdate.com and the like typically link directly to the software from the producer's website instead of wrapping it in some kind of branded, 2nd-layer installer that installs adware along with the software you're interested in.
     

Share This Page