The bad guys are going after the Pirates

File-sharing organization Pirate Bay has been controversial for a long time, like maybe the length of its entire existence. It�s been in the news recently because a number of governments are trying to shut it down. That�s a situation ripe for social engineering.

Our analyst Matthew Mesa found this scheme this morning: a number of typo-squatting sites carrying the following. (Note: the REAL Pirate Bay site is thepiratebay.org.) What would lead a victim to this? The phony site piratebay.com (below) comes up as the third result on a Google search for �piratebay� or fourth for �pirate bay."


(click to enlarge)

The phony sites we found were:

http://htepiratebay.org/
http://piatebay.org/
http://www.piratesbay.org/
http://piratesbay.com/
http://piratebay.com/
http://thepriatebay.org/
http://thpiratebay.org/
http://thepiratesbay.org/
http://thepirateby.org/
http://www.thepiratbay.org/
http://videobay.com/
http://piratebay.com/

OK, we thought we see click the download button (kids, don�t try this at home) and see if the software really is �. . . safe and keeps me protected.�



(Click to enlarge)

Short answer: �no.�

It tries to download a file called �eMuleSetup.exe� from a site registered to Hotbar, Inc. VIPRE detects it as �Pinball Corporation. (v)�

The real Pirate Bay site is NOT posting any warnings.



Thanks Matthew and Adam.

Tom Kelchner