Most infections deliver trojans and adware

Dec 11, 2015 09:27 GMT

One in three torrent sites is spreading malware, claims a recent joint report from Digital Citizens Alliance and RiskIQ, which compiled data from over 800 content pirating portals.

The report highlights how users are 28 times more likely to get infected on sites harboring illegal content than on regular websites.

Most of the time, users don't have to do anything: just accessing the site exposes them to drive-by download attacks that silently download malicious files to their computers without any user interaction.

Drive-by downloads account for 45% of all infections

These types of attacks account for 45% of all malware infections and are usually carried out through infected ads in so-called malvertising campaigns.

These attacks usually deliver trojans (45%), adware (29%), unwanted toolbars (10%), and botnet clients (9%).

In previous years, pirate site operators relied on running ads on their portals to make money. With more and more pirating portals popping up almost everywhere, and with the rise of ad blockers, some of these sites have had to resort to other revenue streams to boost profits.

Site operators make between $200 and $5,000 per day

Cyber-crime syndicates are known to run affiliate programs for anyone interested in distributing their malware. Digital Citizens Alliance and RiskIQ estimate that covert agreements of this type between malware distributors and pirate site operators earn the latter $70 million / €63.8 million per year.

According to data from traffic monitoring sites, the report estimates that around 12 million users are exposed to malware every month when accessing the 800 websites considered for this study alone. The actual number could be higher since there are thousands of torrent-sharing portals online.

In a social experiment carried out for this study, the two organizations negotiated with one malware distribution network. Their investigation revealed that pirate site operators are usually paid between 10 and 20 US cents per malware installation.

The affiliate program boasted that site operators usually make between $200 and $5,000 per day (€182 - €4,500), based on their sites' traffic.

An investment that can easily be recouped

The operators of these malware distribution networks get their money back by delivering ransomware and locking computers, finding personal information that they sell online, or by intercepting credit card details and stealing directly from bank accounts.

"If the public better understands the intersection of content theft and malware, we can reduce the number of victims. Until we do so, there will be bait... and prey," the study concludes.

The full Digital Bait report from Digital Citizens Alliance and RiskIQ is available online, along with a shorter, more graphic presentation.
