Security researchers have uncovered a new ecosystem for a malicious backdoor trojan that uses torrents as a delivery medium to target weak WordPress accounts. The trojan, dubbed Sathurbot, has been active since at least June 2016 and has infected over 20,000 computers so far. According to ESET researchers, Sathurbot comes disguised as a torrent with an apparent installer executable and a small text file. The backdoor trojan preys on users looking to download a free movie or software torrent and entices them into running the executable and loading the Sathurbot DLL.
View full story
ORIGINAL SOURCE: IBTimes