Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Pirated Windows 7 Builds Botnet with Trojan

12 May 2009   #1

Windows 7 Ultimate x64 SP1
Pirated Windows 7 Builds Botnet with Trojan

Security researchers at Damballa report shutting down the command and control server of a botnet built by a Trojan bundled with pirated copies of Windows 7 RC. The Trojan is believed to have infected thousands of users.

Attackers pushing pirated, malware-laced copies of Microsoft's upcoming Windows 7 operating system have been actively trying to build a botnet.
According to researchers at Damballa, attackers hid a Trojan inside of pirated copies of the operating system and began circulating them on BitTorrent sites. Damballa reported that it shut down the botnet's command and control server May 10, but by that time infection rates had risen as high as 552 users per hour.

"Since the pirated package was released on April 24th, my best guess is that this botnet probably had at least 27,000 successful installs prior to our takedown of its CnC [command and control] on May 10th," said Tripp Cox, vice president of engineering at Damballa.


My System SpecsSystem Spec
12 May 2009   #2

Win7 Ultimate x64 on Desktop / Win7 Ultimate x86 on laptop / Win7 x86 Starter on Netbook

Thanks for the warning. Glad I waited for the official download. :)
My System SpecsSystem Spec
12 May 2009   #3

Windows 7 Ultimate x64, Mint 9

LOL. Why?

The RC is free..... Why are people so stupid?

My System SpecsSystem Spec

13 May 2009   #4
Night Hawk

W7 Ultimate x64/W10 Pro x64 dual boot main build-remote pc W10 Pro x64 Insider Preview/W7 Pro x64

Well it was I tried to point out before and got a lot of back talk about people matching up hashes there are ways around things in order to slip bugs into the various leaks. Earlier you saw the MS official warning about downloading from torrent sites. Now you see a strong one here about the RCs being polluted.

And the 4/24 date sounds awful familiar doesn't it? Airbot

Another sentence to add here is the start of the following paragraph in the article seen at the link there. "Targeting users through pirated software is nothing new for hackers." It makes far more sense to stay with the genuine article coming direct from Microsoft rather then thinking you are getting something still good elsewhere and to run into something like that.

I just got pointed to another article on this seen at
My System SpecsSystem Spec
13 May 2009   #5

Win7 Enterprise, Win7 x86 (Ult 7600), Win7 x64 Ult 7600, TechNet RTM on AMD x64 (2.8Ghz)

The 4/24 date shows up in History as the leaked torrent date
My System SpecsSystem Spec
13 May 2009   #6
Night Hawk

W7 Ultimate x64/W10 Pro x64 dual boot main build-remote pc W10 Pro x64 Insider Preview/W7 Pro x64

Evidently the tampered with leak was uploaded on the same day it got out. For many it was late in the day or at night time when people started jumping on it at that time.
My System SpecsSystem Spec
13 May 2009   #7

Wndows 7

Has anybody identified or caught this trojan within their own operating system?
I have seen lots of discussions but no obvious candidates, what are its characteristics?
is there no proprietary programs available to capture it.
Keen to understand above the chatter


My System SpecsSystem Spec
13 May 2009   #8

Windows 2000

Perhaps it is possible to identify the exact source(s) of this infected Windows 7?

I guess people were just over eager and tried to get their hands on first available new builds, and noticing new improvements over other builds somewhat blindsided them out on security issues.

If it's not too much to ask, what are the manifestations of the malware, anyway?
My System SpecsSystem Spec
13 May 2009   #9
Night Hawk

W7 Ultimate x64/W10 Pro x64 dual boot main build-remote pc W10 Pro x64 Insider Preview/W7 Pro x64

I never got any detailed description when being informed on prior occasions about some leaks having malwares well hidden that the average user won't even notice. Those could be anything from adbots to keyloggers for gaining credit card and other information useful in identity theft as well as things that would suddenly see Windows crash for no apparent reason.

The people planting bugs know how to write malwares that are intended for a specific purpose. You can run a search all day and still not find where they get the tools for that however. From the article seen there like a few others lately the intent by hackers is to build a "botnet" or best known as an army of zombie home pcs where the users are unaware that their machines are infected. One reference for this is seen at What is botnet? - a definition from - see also: zombie army, bot network
My System SpecsSystem Spec
13 May 2009   #10
Captain Zero

Windows 7 Home Premium x64

At this point, stealing Win7 is like trying to do a dine-and-dash in a soup kitchen.

My System SpecsSystem Spec

 Pirated Windows 7 Builds Botnet with Trojan

Thread Tools

Similar help and support threads
Thread Forum
Windows 7 'pirated'
Hi there, guys, Everything was going smimmingly...Windows 10 installed...and then, one day, i got the BSD with "unlocatable boot device" After trying all the recommended fixes, without luck, I figured, well, I hate myself, why not re-install Windows 7 on this computer again? ANyway, short story...
Windows Updates & Activation
I think my school uses pirated windows 7
The image was taken by sniping tool and uploaded onto google drive.
Windows Updates & Activation

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 20:57.
Twitter Facebook Google+