File-sharing organization Pirate Bay has been controversial for a long time, like maybe the length of its entire existence. It’s been in the news recently because a number of governments are trying to shut it down. That’s a situation ripe for social engineering.
Our analyst Matthew Mesa found this scheme this morning: a number of typo-squatting sites carrying the following. (Note: the REAL Pirate Bay site is thepiratebay.org.) What would lead a victim to this? The phony site piratebay.com (below) comes up as the third result on a Google search for “piratebay” or fourth for “pirate bay.”
OK, we thought we see click the download button (kids, don’t try this at home) and see if the software really is “. . . safe and keeps me protected.”
(Click to enlarge)
Short answer: “no.”
It tries to download a file called “eMuleSetup.exe” from a site registered to Hotbar, Inc. VIPRE detects it as “Pinball Corporation. (v)”
The real Pirate Bay site is NOT posting any warnings.
Thanks Matthew and Adam.