It’s probably not too surprising that, even though you can still download the Windows 7 release candidate for free from Microsoft and will be able to do so “at least through July 2009”, with no restrictions upon the number of product keys available, Windows 7 RC is widely distributed on — and frequently downloaded from — pirate sites.
It probably also shouldn’t come as a surprise that many of these pirated Windows 7 RC downloads come pre-compromised. Security researchers at Damballa say the trojanned version first appeared on April 24, and had infected around 27,000 hosts before Damballa managed to locate and gain control of the botnet’s command-and-control server on May 10.
“We continue to see new installs happening at a rate of about 1,600 per day with broad geographic distribution,” Tripp Cox, Damballa’s vice president of engineering, said in a statement. “Since our takedown (of the command and control server), any new installs of this pirated distribution of Windows 7 RC are inaccessible by the botmaster.”
However, the botmaster still controls the existing installations, Damballa said. The infected systems are mainly concentrated in the U.S., with 10 percent, and the Netherlands and Italy, with 7 percent each.
“You lie down with dogs, you get up with fleas.”