Users of Google Chrome and Mozilla Firefox who visit the popular torrent site Kickass Torrents (CAT) will come in front of a security warning. The warning appears in all domains (http://kat.cr or https://kat.cr) and reports that they distribute malware.
This issue affects only the two browsers we mentioned as Google's Safe Browsing blocked the site.
The warnings are a little different, depending on the program browser you're using, but the gist is the same.
Chrome users see this:
"Attackers on kat.cr may try to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or displaying additional ads on websites you visit)."
Firefox users, on the other hand, see the following warning in Kickass Torrents:
“This website at kat.cr has been reported as containing unwanted software and has been blocked based on prepriceyour safety.”
Of course if you want to visit the Kickass Torrents website and use Chrome click on Details and then "visit the site" while if you are using Firefox click on "Ignore this warning."
All this at your own risk.
The Google Diagnostic Report states:
Current registration status for kat.cr?
This site is reported as suspicious and visiting this site may harm your computer.What happened when Google visited this site?
Of the 6582 pages we examined on the site over the past 90 days, 104 page(s) resulted in malware that can be installed without the user's consent. The last time Google visited this site was on 08.10.2015, and the last time it was found suspicious content on this site was on 08.10.2015.
Malicious software includes 2 trojan (s), 1 exploit (s). Successful infection caused on average 2 new processes on the target machine.Malicious software is hosted on 2 domains, downloadnet1004.com/ and adventuredistricthotels.com/.
20 domains appear to be acting as intermediaries for distributing malware to visitors of this site, including ato.mx/, adk2.co/, chlcotrk.com/.
This site was hosted on 12 networks, including AS10929 (NETELLIGENT), AS15169 (Google), AS41390 (RN-DATA-LV).
In the last 90 days, kat.cr does not appear to act as a mediator for infecting any site.
Has this site hosted malware?
No, this site is not a friendforeignin malware in the last 90 days.In some cases, third parties can add malicious code to legitimate websites, which causes the warning message to appear.
In short, some of the Kickass Torrents pages host malicious software, or Google is mistakenly detected as malicious. This issue typically occurs when an ad network is violated and it starts serving malicious ads.
Indeed, the KAT team told TorrentFreak that "the malicious advertiser has been removed."
