According to the warning issued by BitTorrent - the company behind the Mainline/Chrysalis and the uTorrent clients - the uTorrent.com Web server has been compromised around 4:20 a.m. Pacific Daylight Time (UTC -7) on Tuesday and the website modified to serve malware instead of the uTorrent client.
The switcheroo was discovered just after 6:00 a.m., and the affected servers were immediately taken offline. They have since been cleaned up and are up and running, and so is the website.
Further investigation into the matter revealed that the malware is a fake AV/scareware variant of the "Security Shield" family. Once installed, it shows standard infection warnings and tries to make the user pay for the removal of the "found" malware.
BitTorrent has stressed the fact that only the people who have downloaded the uTorrent client from the uTorrent.com website during these two hours have been affected.
Although, to be on the safe side, I would definitely recommend to all the users that have downloaded it in the last few days to do an antivirus scan of their computers.
The company has also stated that it doesn't think that BitTorrent.com or the BitTorrent Mainline/Chrysalis clients were part of the incident, but again - a scan couldn't hurt.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.