People who are using Firefox or Chrome that tried to visit KickAssTorrents (Kat) this morning were greeted by an unfriendly looking red page informing them that “the site ahead contains harmful programs”. This is not the first time this has happened. Earlier this year (July) kat.cr was blocked once before in a similar fashion.
The warning also goes to say that “attackers on kat.cr might attempt to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit).”
It appears that this time the block is here to stay, at least for a little longer, unlike those that was set back in July and removed shortly after. Google Safe Browsing was contradicting itself on the first block, because if you searched for kat.cr in July it returned the results that the site “has not hosted malicious software over the past 90 days” and also that “kat.cr did not appear to function as an intermediary for the infection of any sites.” The block was still there, however. Today, however, that contradiction no longer exists.
It appears that now Google has found at least 2 trojans and one other exploit. Apparently if you are infected by these threats via kat.cr you will have at least two extra processes on your computer, courtesy to the Malware.
“Of the 6582 pages we tested on the site over the past 90 days, 104 page(s) resulted in malicious software being downloaded and installed without user consent.” This part is actually a bit ambigous as it makes to reference to whether these pages were related to kat.cr. However the experts in Google have also had the courtesy to inform us from where the malicious software originates: “malicious software is hosted on 2 domain(s), including downloadnet1004.com/, adventuredistricthotels.com/” and “20 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including ato.mx/, adk2.co/, chlcotrk.com/.” Our initial guess was that these adresses are related to the Ad banners that circulate on kat.cr. Our guess was more or less confirmed by the official response by kat.cr . They claim that the rotten apples have been cut off and they should have the block removed by Google when the giant next reviews the site.
Note, however, that Google has a long standing campaign against torrent trackers and this could be the perfect excuse to take the fight to the next level. Whether that will happen or not remains to be seen, although such measures (and even harsher ones) against kat.cr have definitely been employed before:
Want to do if you want to turn off Google Chrome phishing & malware warnings (at least for the time being)
If you are a regular at kat.cr clicking on temrorary access every time you visit the site will quickly get tiresome. We generally recommend that you DO NOT permanently turn off this very useful feature, but if you want to do it anyway (or at least temporarily) you can find the instructions of how to do so below.
- Look at the top-right corner of the screen. You should see a button that looks like three horizontal lines. Click on it. It should open the Google Chrome customization menu.
- Search for the Settings line and select it. Afterwards look for Advanced Settings expansion tab – it should be near the bottom. Click on it.
- In the Privacy tab that appears de-select the box with Enable phishing and malware protection.