Content theft sites pose major malware risk
December 11, 2015
By Colin Mann
Content theft sites pose a serious and growing threat to Internet users by exposing them to harmful malware that can lead to identity theft, financial loss and computers being taken over by hackers, according to Digital Bait – a new research report commissioned by the Digital Citizens Alliance, a consumer-oriented coalition focused on educating the public and policy makers on the threats that consumers face on the Internet.
Cyber security firm RiskIQ found that one out of every three content theft sites exposed users to malware. Internet users who visited content theft sites were 28 times more likely to get malware from these sites than from mainstream websites or licensed content providers.
Peddling content-driven malware is now big business: RiskIQ estimates that content thieves are making an estimated $70 million a year just from allowing malware distributors to place malicious code on their websites. Once malware is on the content theft site, malware distributors make even more money by ripping off and exploiting their access to Internet users’ computers.
“It’s clear that the criminals who exploit stolen content have diversified to make more money by baiting consumers to view videos and songs and then stealing their IDs and financial information,” said Tom Galvin, Executive Director of the Digital Citizens Alliance. “It’s criminal behaviour, and it should be a wake-up call for consumers as well as law enforcement that a new front must open in the battle against cyber criminals and malware peddlers exploiting Internet users.”
After its two Good Money Going Bad reports explored the business models behind ad-supported content theft sites, DCA commissioned RiskIQ, a leading provider of online security and ad monitoring services, to estimate the amount and type of malware that content theft sites carry and to explore the connection between content theft and malware ecosystems in the dark corners of the Internet.
RiskIQ probed a sample of 800 sites dedicated to distributing stolen movies and television shows. The results were alarming:
- Merely visiting a content theft site can place a user’s computer at risk: 45 per cent of malware was delivered through so-called ‘drive-by downloads’ that invisibly download to the user’s computer – without requiring them to click on a link.
- Once hackers get into a computer, they can use it for a wide range of criminal schemes where the user of the computer is the victim. These include:
- Stealing Bank and credit card information that is then sold on underground Internet exchanges. After the hack, consumers find their bank accounts depleted or suspicious charges on their credit cards. There is an underground market for credit card information that ranges from $2 to $135 per credit card credential.
- Finding personal information that makes it easier to sell a person’s identity to the highest bidder online. In July, the FBI added five online criminals to its ‘Most Wanted’ list for creating computer programs that stole identities and financial information.
- Locking a user’s computer and demanding a ransom fee before returning access to their files.
- Hackers don’t just steal personal information and financial records – they gain access to an Internet user’s computer, enabling them to control it for nefarious purposes, including ad fraud, spamming, denial of service attacks, or extortion by threatening to cripple businesses through attacks on their computer systems.
“Users beware. The data from this report shows a much higher incident rate of malvertising and malware delivery in general on torrenting sites. Simply visiting these sites puts the device you use and your personal information at risk from malware, adware and spyware,” said Elias Manousos, CEO of RiskIQ. “Even more troubling is the ecosystem that has evolved to take advantage and monetise torrent traffic. While some torrent sites directly host malicious programs, most torrent publishers and malvertisers use ad and affiliate networks to deliver their exploits and malicious programs in exchange for payment.”
What makes this research so troubling is that ID theft is an increasing concern for Americans. The US Department of Justice reports that 16.2 million US consumers have been victimised by identity theft, with financial losses totalling over $24.7 billion.
“We can’t just throw up our hands and do nothing. Parents must teach their kids that they are junking up their computers by going on content theft sites; Internet safety groups and all responsible players in the Internet ecosystem must ramp up awareness campaigns; and law enforcement must step up its efforts to catch and combat malware peddlers,” added Galvin.