When malware hits the news, it usually involves a malicious agent wanting to deal damage and steal money from innocent victims. However, there are rare cases where a malware developer wants to do good with their program, even if some may consider their measures a little extreme.
Let’s explore when malware has a conscience and what this means for you.
When Malware Developers Fight for Good
It’s rare to find malware that fights for good instead of evil, but it’s out there on occasion. Recently, one fittingly named “Vigilante” has been making the rounds to thwart software pirates.
As reported by Sophos, Vigilante works by disguising itself as a pirated game. When someone downloads and runs it, the malware goes through the computer’s HOSTS file and adds a bunch of websites to it. The victim can then no longer access these sites unless they delete the entries or find another way around.
It sounds like regular malware at first, but when you see the list of websites being blocked, you realize it’s anything but.
But not in this case. These samples really only did a few things, none of which fit the typical motive for malware criminals.
For one thing, they modify the HOSTS file on the PC to add entries. A lot of entries.
They had a common theme. pic.twitter.com/O1Z2fSXZ1n
— Accountability Brandt (@threatresearch) June 17, 2021
The affected websites are all mirrors of The Pirate Bay. Even the ones called “TPB” are just shorthand for the piracy website’s name.
As such, Vigilante’s main goal is to knock people off of The Pirate Bay, and potentially off piracy altogether. It’s an odd case, because malware doesn’t usually dissuade people from using piracy sites.
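One way to check a HOSTS file for the kind of tampering described above (an added example, not code from Sophos or the original article). It assumes the blocking entries map the affected names to a loopback or null address, which is how hosts-based blocking normally works; the sample file, the .example domains and the bulk_threshold value are constructed for illustration.

```python
import ipaddress

# Names a default hosts file legitimately maps to loopback.
BENIGN_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost",
                "ip6-loopback", "broadcasthost"}

# Constructed sample, not taken from a real infection.
SAMPLE = """\
# hosts file
127.0.0.1   localhost
::1         localhost
127.0.0.1   mirror-one.example   # inline comment is ignored
0.0.0.0     mirror-two.example www.mirror-two.example
192.0.2.10  intranet.example
not-an-ip   junk.example
"""


def parse_hosts(text):
    """Yield (line_no, ip, hostname) for each mapping in hosts-file text."""
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0].split("%")[0])  # strip IPv6 zone id
        except ValueError:
            continue  # malformed address: skip the line
        for name in fields[1:]:  # one line may carry several aliases
            yield line_no, ip, name.lower().rstrip(".")


def sinkholed_entries(text):
    """Mappings that point a non-local name at a loopback or null address."""
    return [(n, str(ip), name) for n, ip, name in parse_hosts(text)
            if (ip.is_loopback or ip.is_unspecified) and name not in BENIGN_NAMES]


def audit(text, bulk_threshold=20):
    """Summarise findings; bulk_threshold is an assumed cut-off for 'a lot'."""
    hits = sinkholed_entries(text)
    return {"count": len(hits), "bulk": len(hits) >= bulk_threshold, "entries": hits}


if __name__ == "__main__":
    for line_no, ip, name in audit(SAMPLE)["entries"]:
        print(f"line {line_no}: {name} -> {ip}")
```

To audit a live machine, pass in the contents of the system HOSTS file (on Windows, %SystemRoot%\System32\drivers\etc\hosts).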
Other Cases of Malware Retribution
This isn’t the first time that malware has been used as a tool to get back at people. Such cases are very rare, but other examples do exist.
As reported by Fidus, a company called FlightSimLabs tried its hand at catching thieves back in 2018. The company makes add-ons for simulation games, like Microsoft’s own Flight Simulator. The problem is, people kept downloading the add-ons without paying.
To fight back, FlightSimLabs uploaded a laced add-on onto pirating websites. This add-on harvested the victim’s personal information, such as Chrome passwords.
In fact, this kind of malware can be traced all the way back to 2010 when the Kenzero malware was making the rounds on the internet. Kenzero was a specialist strain of malware found in adult anime games uploaded to illegal file sharing websites and seeders.
When someone downloaded a game infected with Kenzero, the game would ask for Personally Identifiable Information (PII), such as the user’s name and phone number. Kenzero would then upload this information to a private website, alongside harvested browser history data and desktop screenshots.
By the time Kenzero had made the rounds, it had a sizable wall of shame of personal information on people who had downloaded adult games illegally. The malware would then inform the user to send 1,500 yen (that’s around $13) to pay for their pirating ways and get their details removed from the website.
How to Avoid Retribution Malware
You’ll likely have noticed that every example listed above has a focus on punishing software pirates. As such, avoiding this kind of malware is simple: buy your software and never pirate it from shady websites.
In fact, this is good advice for avoiding all kinds of malware, not just this specific kind. Some people lace illegal downloads with malware, but usually to use and abuse the victim’s resources rather than to teach them a lesson.
For example, some pirated games will contain ransomware to force people to pay up. Others may contain cryptocurrency miners that secretly earn the malware developers money without the victim knowing.
As such, if you don’t want people harvesting your financial information or posting your phone number online as revenge for pirating software… don’t pirate software!
Piracy: Not Always a Good Idea
If you’re someone who likes pirating software, you may want to reconsider in the future. Pirate websites are hotspots for malware, and some of them are specifically designed to punish those who prefer not to pay for content.
In fact, any kind of piracy comes with its own risks. For instance, using illegal IPTV streams can be a bad idea in the long run.