Google-backed file sharing program spreads malware to Windows and Android users


If you’re from the West, then you might not have heard of Xunlei, a popular BitTorrent client in China. Aside from delivering entertainment to its users, the BitTorrent client is also distributing malware to Windows PCs and Android devices. We understand the malware was spread by rogue employees and Xunlei has since fired the employees behind the problem, and now offer an uninstaller for public consumption.

Interestingly enough, Xunlei is partly owned by no other than Google, so let that sink in for a while. (Not that we are insinuating Google had anything to do with the infections.)

A recent investigation by security company Eset highlighted that Xunlei has been sending malware named “Win32/Kankan” to Windows and Android users. Furthermore, this malware was signed with the company’s security certificate, which aided in capturing the culprits.

Eset claims the Malware is classed as a Trojan and will only affect Chinese users, so that’s good news for folks living outside of the Great Wall.

“The company officially admitted during a press conference that some of its employees have used company resources to create and distribute this program. The degree to which Xunlei Networking Technologies is implicated is hard to tell from the outside,” said Joan Calvet from Eset in a blog post.

You may not have known this, but Xunlei is not only the most popular BitTorrent client in China, it is also the most popular in the entire world, according to TorrentFreak. Who would have thought that somewhere on the planet there’s a torrent client more popular than uTorrent? Surely not us.

[via Eset, TorrentFreak, image via Security Iyogi]

Related Posts

  • RealBull

    Wow, be careful everyone. I’m cautious about which software I install, but take extra precautions when using something programmed in China.

  • smaragdus

    Xunlei, which means thunder, is a download manager that supports Bittorent protocol as well. In fact Xunlei is supported by Flashgot, one of the most popular Firefox/SeaMonkey add-ons. Some time ago there was a similar case with another download manager- Orbit, which contained a Botnet-like DoS module. Orbit developers never responded to the accusations and Orbit was removed from many download sites.