It’s getting harder to trust uTorrent. The free software, developed by BitTorrent Inc., is again suspected of helping distribute malicious software to many of its 100 million users.
The malware was spotted in a sketchy popup ad that asks users to download and install what appears to be “Internet Explorer Patch Setup.” “Your Update is Ready,” the ad states, including a link compelling users to “Download and install now.” The security patch is in fact a link to a known strain of malware used to steal from victims.
Screenshots of the advertisement first appeared on Reddit Thursday and circulated on social media into Friday. The best way to avoid the attack, aside from switching to another torrent client like Deluge or qBittorrent, is to download an older version of uTorrent or turn off the advertisements entirely. Here’s how to do that on uTorrent version 3.4.3:
- Click Options in the top left corner of the toolbar. Select Preferences from the drop down menu.
- Follow the Advanced link on the left side of the menu. Ignore the WARNING: Do not modify advisory.
- Select Filter box. It should be in the top right corner of the window that appeared when you clicked Advanced. Enter left_rail_offer in the Filter box.
- offers.left_rail_offer_enabled should appear as the only result, though the exact phrase will vary depending on the version. Click the True value and, when asked, change it to False. Finalize the changes by clicking Apply.
- Repeat to also disable:
At last count uTorrent had more than 100 million users around the world. But this is at least the fourth time in 2015 alone that the download software has been flagged for risking user’s security without their knowledge.
Previously uTorrent enabled a third party to leech from a user’s computing power to mine for bitcoin, then researchers discovered uTorrent had been hijacked to launch distributed denial-of-service attacks. That’s not to mention an alert from Google, which warned users who were trying to download uTorrent that it was on Google’s Harmful Programs list.