Pierluigi Paganini
December 13, 2015
People believe that the best way to see a film or get a software is downloading from one of the numerous torrent websites online. Probably there is something that you should know.
According to a new study conducted by researchers at Digital Citizens Alliance and RiskIQ, almost one-third of the 800 torrent sites served malware on the users’ machine between June and August 2015.
About 12 million Internet users per month were infected by downloading material from the torrent files.
The experts cited the case of newly released video game Fallout 4 whose pirated copy was found embedded with a malicious code used by crooks to steal 4.88 bitcoins (nearly 2000 USD) from a gamer’s PC.
The researchers revealed that most torrent websites earn money by selling ads to malicious advertisers ho serve malware that criminal organizations use to harvest users’ data to resell on the black market.
According to the experts, the profit of this lucrative business allowed crooks to earn more than 70 million dollars.
“Baiting Internet users, stealing their personal information, and taking control of their computers is becoming big business—an estimated $70 million per year just from peddling malware.” states the report.
Most of the computers are infected via malicious ads spread through the torrent websites, the ads redirect victims to websites hosting malicious exploit kits.
“When you visit mainstreams sites, things are naturally happening without you clicking anything: pictures are being downloaded, ads are generating,” said Tom Galvin, executive director of Digital Citizens Alliance. “What’s happening now is that users can click on one of these content sites and decide not to watch a movie, but the malware is already on their computer scraping for their Social Security number. That’s used to mimic and adopt your online persona, access banking information, and in some cases, people are getting credit fraud notifications.”
Movie hubs deliver the majority of malware as explained by Galvin.
“Movies are digital bait,” added Galvin. “Consumers are defenseless, and this is really exploiting and abusing them.”
The researchers analyzed mainstream sites like Crackle and Hulu with torrent sites who provide movies like the Pirate Bay, Kickass Torrents, ExtraTorrent, multiple Torrentz forks, Putlocker and others.
Two percent of the mainstream sites were found serving malware each month and 33 percent of sites in the Content Theft Sample group had at least one malware incident in one month.
54% of all malicious code detected was classified as Trojan, 29 percent as Adware .
The researcher detected numerous variants of Remote access Trojans (RATs) which are used by crooks to steal financial information, login credentials and even access laptop’s camera.
The study includes the Top 10 RATs identified by the researchers, some of them are well-known threats used in numerous attacks in the wild. Xtreme Rat and Bifrost lead the list.
Unfortunately online piracy is one of the most profitable illegal activities and curbing it represent a major challenge for law enforcement.
You can give a contribute by stop download content from such websites that open you to cyber attacks and infections.
Give a look to this excellent report.
[adrotate banner=”9″]
(Security Affairs – Torrent websites, malware)
