A trojan named Troj/Qhost-AC, has been spotted on torrent sites labeled as a keygen for popular software. But in a strange surprise, the trojan would modify the users host file, rather than generating a key, changing popular torrent web sites like, The Pirate Bay, Suprbay (The Pirate Bay forum) and Mininova, the two most popular torrent sites on the internet to 127.0.0.1, making it impossible to visit these sites.
The Trojan caused pop-ups on users screens and played a sound file saying "downloading is wrong". The Trojan didn't install any other spyware or malware onto the victims PC, other than blocking the three web sites, something that many users thought was strange.
The torrent has since been removed from the web sites, but leaves many users asking who is behind this? Many users question it is another attack brought against by the RIAA or MPAA to prevent piracy among music, movies, and software. Not to mention, the leaked MediaDefender email from September 2007 that wanted to launch attacks against sites like The Pirate Bay, and bring about fake files and DoS attacks.
Luckily, the change to the host file brought about by the Trojan is easy to fix, simply by manually editing the host file to remove the added entries will fix the problem.