Torrent Sites Drop Malware to 12 Million Users Monthly, Earn $70 Million A Year

You may have heard the phrase “There ain’t no such thing as a free lunch”. But, most of the people online think downloading from torrent sites is absolutely free and torrent owners are doing favors to the users! Which is too good to be true and a recent study has proved it.

According to a new study (pdf) carried out by Digital Citizens Alliance and RiskIQ, almost one-third of the 800 torrent sites dropped malware on the users’ PC between June and August 2015 which is about 12 million Internet users per month.

One recent example is the newly released video game Fallout 4 whose pirated copy was found embedded with malware and stole 4.88 bitcoins (nearly 2000 USD) from a gamer’s PC.

Distributing malware for $:

But, this is how most torrent sites make money, they sell ads to malicious advertisers who then harvest user profiles and sell them on the dark web for anywhere between 20 to 45 dollars. For the advertisers, this has been a lucrative business as only this year the profile selling has made them over 70 million dollars, said the researchers.

Image Source: Digital Citizens Alliance

“Movies are digital bait,” said Tom Galvin, executive director of Digital Citizens Alliance. Pirate sites have always stolen from content creators by making shows available for free, but now they’re stealing from people who download those shows, as well. “Consumers are defenseless, and this is really exploiting and abusing them.”

Most of the computers are infected via malicious ads that are shown on the site which direct users towards even more malicious sites. But, the main weapon for the advertisers is by sending malware that comes in the form of drive-by-download.

“When you visit mainstreams sites, things are naturally happening without you clicking anything: pictures are being downloaded, ads are generating,” Galvin said. “What’s happening now is that users can click on one of these content sites and decide not to watch a movie, but the malware is already on their computer scraping for their Social Security number. That’s used to mimic and adapt your online persona, access banking information, and in some cases, people are getting credit fraud notifications.”

Movie hubs deliver most of the malware

Furthermore, researchers tested mainstream sites like Crackle and Hulu with torrent sites who have been popular in providing movie content to the users like the Pirate Bay, Kickass Torrents, ExtraTorrent, multiple Torrentz forks, Putlocker, and others for the number of malware incidents.

The results were two percent of the mainstream sites had malware incidences each month whereas 33 percent of the movie powerhouses were reported for malware incidents each month.

“The sites that could be clean in the report could be infected tomorrow,” said Ross Reynolds, director of product management at RiskIQ. “They tend to have the flexible infrastructure, so that if they’re taken down they always have something ready to shift to.”

Torrent Sites and Bitcoin connection:

Earlier this year, uTorrent was caught secretly installing Epic Scale Bitcoin Mining Software on users’ computers to get some bucks – They claimed the software was just a distributed computing platform, but that’s not true. The only reason to install the mining software was to use a victim’s Internet bandwidth to generate Bitcoins. 

Trojan malware- the most used

While analyzing the malware, researchers found out that on most of the occasions users were targeted with Trojan malware. Trojan like Greek Wooden horse tricks the victim into believing the installed program is safe for the computer.

The most dangerous form of Trojan is Remote access Trojans (RATs) which have the ability to steal financial information, passwords and even turn on laptop’s camera. During research, researchers found 10 RATs which were aimed at torrent users, one of them was Xtreme Rat, a powerful RAT previously used by hackers to target Israeli military personnel and officials at the U.S. State Department.

Image Source: Digital Citizens Alliance

But, still, for the torrent sites, adware is one of the important forms of making money as it covers 29 percent of the threats torrent sites generate. However, the problem for them is the decreased offers for buying ad spaces on the site because some of the genuine sites are offering ad spaces to shady advertisers.

Though, researchers did not find the original source back to the attackers, but they found a number of ransomware attacks:

“To make a long story short, there was a lot of it,” Reynolds said of ransomware, the form of attack that holds a user’s computer hostage until they pay a fee, often in the thousands of dollars. The encryption used to lock users out of their data is so complex that an FBI special agent admitted in October the bureau often has no choice but to advise victims to pay up”.

Stopping them not so easy

Stopping piracy is one of the major challenges for the content industries and all their efforts in curbing this crime have so far ended in vain. Because if authorities close off one torrent site they can simply open another. The process is so fast that within days a new site is up.

For now, there is only one-way out — Stop downloading content from such sites because the danger of getting your computer hacked is far more than downloading lucrative content for which they have to pay some bucks to watch.

“I’m not even slightly surprised by what you say about piracy sites and malware,” said Brett Danaher, an assistant professor of economics at Wellesley College who studies piracy. “Given that they can profit by getting malware onto my computer, why wouldn’t they do this?”

Related Posts