Researchers offer advice on how to block WFH employees from downloading pirated software | SC Media

Researchers offer advice on how to block WFH employees from downloading pirated software | SC Media

Discord booth at the 2018 PAX West at the Washington State Convention Center in Seattle, Washington. (Gage Skidmore from Peoria, AZ, United States of America, CC BY-SA 2.0 https://creativecommons.org/licenses/by-sa/2.0, via Wikimedia Commons)

Security teams looking to prevent work-from-home and remote users from downloading potentially trojanized pirated software will find Thursday’s research by Sophos of interest.


In a blog post, Sophos researchers reported on a curious malware program that comes disguised as pirated copies of software, but actually modifies infected users’ HOSTS file to blocks them from visiting software piracy websites in the future. The malware also sends the name of the pirated software that the user was hoping to obtain to a website that delivers a secondary payload. Although it’s somewhat crude because the malware has no persistence mechanism, the researchers said the technique can effectively prevent computers from reaching specified web addresses.


At least some of the malware was hosted on the game chat service Discord. Other copies were distributed via BitTorrent and named after ..

Support the originator by clicking the read the rest link below.