The HOSTS file is a small file used by operating systems like Microsoft Windows to control network connections on the system, and the malware uses this file to “block” the system from connecting to several domains associated with piracy-related websites. In a blog post, Sophos' lead researcher Andre Brandt states that the malware is one of the strangest cases he's seen in a while, and states that the vigilante malware modifies the HOSTS file on the computer it is run on. Some of the infected pirated software that contain the “vigilante” malware.
