Black Team’s tool ‘RAUM’ is infecting torrent users with malware

Cybercrime syndicate Black Team is spreading its new malicious tool “RAUM” that drops malware on victims’ devices with a torrent file.

A recent investigation by InfoArmor revealed that a new tool has surfaced in the black markets. It allows hackers to attach malware in torrent downloads. The tool is being sold for a fee and is known as “RAUM”. The malware lets the developers access a victim’s banking information and other passwords.

Torrent game files have become a major threat

With the help of torrents, users can download copies of software, music, videos and games from websites such as The Pirate Bay, ExtraTorrent etc but RAUM has been developed in such a way that it lets the attackers earn money through the Pay-per-install method by keeping a track of downloads from aforementioned websites.

RAUM's architecture / Image Source: InfoArmor
RAUM’s architecture / Image Source: InfoArmor

However, it is mostly online gaming downloads that have been accompanied by this malicious tool. What is more, the team of developers has also devised a system through which they can track uploaders of torrent files and then hijack their websites to force them to put the malware in their files.

Must Read: Fallout 4 Pirated Copy Leads To Bitcoin Theft

Initially, the bad actors have used the uTorrent client in order to distribute the files. More recently, they have deployed a special infrastructure that allows them to manage new seeds using a broad network of dedicated and virtual servers – including hacked devices, according to InfoArmor.

Who is behind all this?

You may wonder who can come up with such a clever way of infiltrating people’s privacy. Well, up till now, the only thing discovered is that the developers have their base in Eastern Europe and call themselves Black Team.

It is strongly advised that people refrain from downloading pirated files from torrent or from any other source for that matter. It is not surprising to have malware associated with such pirated downloads.

According to Andra Zaharia of Heimdal Security, tools like RAUM are ideal for cyber criminals to target uninformed users with ransomware.

She said: “Cyber criminals are in a race – between themselves and with themselves – to find the ransomware distributions vectors with the highest impact. Often, this translates into injecting malicious content into high-traffic web destinations, be they web servers, websites or other types of content, like torrents.

With torrents, more factors which can help their infections achieve a higher success rate comes into play. Cyber criminals can leverage the trust that users have in that torrent portal. Additionally, they can also manipulate the rating system to artificially build trust in the infected files and enhance their distribution.

Ransomware creators and the malicious actors who distribute it will never cease innovating in terms of infections tactics and spreading malware. But what we can do is keep an eye on them and help Internet users everywhere improve their security habits for safer online experiences.”

Related: 7 Online Activities That Can Get You Arrested

In December 2015, according to a study carried out by Digital Citizens Alliance and RiskIQ, almost one-third of the 800 torrent sites dropped malware on the users’ PC between June and August 2015 which is about 12 million Internet users per month. In total, it was estimated that torrent sites infects 12 million users on a monthly basis and earn around $70 million per year.

InfoArmor Alexskopje/Shutterstock

Did you enjoy reading this article? Kindly do like our page on Facebook, follow us on Twitter and Google + and help us grow.

Suggest ideas, report typos and corrections to [email protected]

Related Posts