Google Chrome and Mozilla Firefox block Kickass Torrents website for malware

Google Chrome and Mozilla Firefox block Kickass Torrents website for malware

From yesterday night, Google Chrome and Mozilla Firefox users visiting popular torrent site Kickass Torrents (KAT) are seeing a malware warning. Both the top browsers are showing you the red message block when you visit https://kat.cr or https://kat.cr and ask you to proceed with caution.

Kickass visitors on Chrome are notified that “Attackers on kat.cr might attempt to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit).” while the Firefox users are told that “This web page at kat.cr has been reported to contain unwanted software and has been blocked based on your security preferences.”

Google Chrome and Mozilla Firefox block Kickass Torrents website for malware

Chrome users can get around this message by clicking Details and then “visit this site” while Firefox users can click “Ignore this warning.” However, you should do so only at your own risk.

The diagnostics report offers little detail:

What is the current listing status for kat.cr?
Site is listed as suspicious – visiting this web site may harm your computer.

What happened when Google visited this site?
Of the 6582 pages we tested on the site over the past 90 days, 104 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2015-10-08, and the last time suspicious content was found on this site was on 2015-10-08.
Malicious software includes 2 trojan(s), 1 exploit(s). Successful infection resulted in an average of 2 new process(es) on the target machine.

Malicious software is hosted on 2 domain(s), including downloadnet1004.com/, adventuredistricthotels.com/.

20 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including ato.mx/, adk2.co/, chlcotrk.com/.

This site was hosted on 12 network(s) including AS10929 (NETELLIGENT), AS15169 (GOOGLE), AS41390 (RN-DATA-LV).

Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, kat.cr did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?
No, this site has not hosted malicious software over the past 90 days.

How did this happen?
In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

In short, either some of Kickass Torrents’ pages are hosting malware, or Google is incorrectly detecting such. This problem usually occurs when an ad network becomes compromised, and starts serving malicious ads, though because sites often use multiple advertising networks, some specific to certain regions, not all users are always affected.

Some users have reported that the malware message has disappeared now and Kickass is operating normally for them.

 

3 COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here