File-sharing organization Pirate Bay has been controversial for a long time, like maybe the length of its entire existence. It’s been in the news recently because a number of governments are trying to shut it down. That’s a situation ripe for social engineering.

We found this scheme this morning: a number of typo-squatting sites carrying the following. (Note: the REAL Pirate Bay site is thepiratebay.org.) What would lead a victim to this? The phony site piratebay.com (below) comes up as the third result on a Google search for “piratebay” or fourth for “pirate bay.”

PirateBayFake_1

The phony sites we found were:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12

http://htepiratebay.org/  
http://piatebay.org/  
http://www.piratesbay.org/  
http://piratesbay.com/  
http://piratebay.com/  
http://thepriatebay.org/  
http://thpiratebay.org/  
http://thepiratesbay.org/  
http://thepirateby.org/  
http://www.thepiratbay.org/  
http://videobay.com/  
http://piratebay.com/

OK, we thought we see click the download button (kids, don’t try this at home) and see if the software really is “. . . safe and keeps me protected.”

PirateBayFake_AdwareAlert

Short answer: “no.”

It tries to download a file called “eMuleSetup.exe” from a site registered to Hotbar, Inc. VIPRE detects it as “Pinball Corporation. (v)”

The real Pirate Bay site is NOT posting any warnings.

RealPirateBay