In fact, many of these buttons link to advertisements of some sort, ranging from relatively harmless download managers to dubious services that ask for one’s credit card details.

A new report backed by the UK entertainment industry has looked into the prevalence of these threats. The study, carried out by the anti-piracy analysts of Intelligent Content Protection (Incopro), found that only 1 of the 30 most-visited pirate sites didn’t link to unwanted software or credit card scams.

According to a press release released this morning, the research found that of the 30 top pirate sites, “90% contained malware and other ‘Potentially Unwanted Programmes’ designed to deceive or defraud unwitting viewers.”

The “Potentially Unwanted Programmes” category is rather broad, and includes popups and ads that link to download managers. In addition, the report links one-third of the sites to credit card fraud.

“The rogue sites are also rife with credit card scams, with over two-thirds (67%) of the 30 sites containing credit card fraud,” the press release states.

While it’s true that many pirate sites link to malware and other dubious products, the sites themselves don’t host any of the material. For example, none of the top pirate sites TorrentFreak tested were flagged by Google’s Safebrowsing tool.

This nuance is left out of the official announcement, but the executive summary of the report does make this distinction.

“We did not encounter the automatic injection of any malicious program on the sites that we scanned. In all instances, the user must be tricked into opening a downloaded executable file or in the case of credit card fraud, the user needs to actively enter credit card details,” Incopro writes.

Most of the malware and “potentially” unwanted software ends up on users’ computers after they click on the wrong “download” button and then install the presented software. In many cases these are installers that may contain relatively harmless adware. However, the researchers also found links to rootkits and ransomware.

The allegation of “credit card fraud” also requires some clarification. Incopro told TorrentFreak that most of these cases involve links to services where users have to pay for access.

“There were 17 separate credit card schemes that were detected through our scanning, with many appearing to be similar or possibly related. Five of the sites had instances of two credit card fraud/scam sites, with the remaining 15 containing one credit card fraud/scam site,” Incopro told us.

“An example is someone visits one of the pirate sites and clicks a ‘Download’ or ‘Play now’ button, which is actually an advert appearing on the page, which then asks for payment details to access the content.”

This is characterized as “fraud” because these “premium” streaming or download services can result in recurring credit card charges of up to $50 per month, without an option to cancel.

The report, which isn’t available to the public, was commissioned by the UK film service FindAnyFilm and backed by several industry groups. Commenting on the findings, FACT’s Kieron Sharp noted that those who fall for these scams are inadvertently funding organized crime.

“Not only are you putting your personal security at risk, by using pirate websites you could be helping fund the organised criminal gangs who run these sites as a front for other cyber scams,” Sharp says.

It is clear that the research is used for scaremongering. Regular users of these sites know all too well what buttons not to click, so they are not affected by any of the threats.

However, there’s no denying that some pirate sites deliberately place these “ads” to confuse novice and unsuspecting visitors. Those visitors may indeed end up with adware, malware or run into scam services.

This isn’t in any way a new phenomenon though, it has been going on for more than a decade already. Ironically, the same anti-piracy groups who now warn of these threats are making them worse by cutting pirate sites off from legitimate advertisers.

—

Photo: Michael Theis

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

One of the main drawbacks of using P2P software such as Limewire, is that the content on the network (Gnutella) is unmoderated – anyone is free to put up whatever they like, be it music, movies or TV shows. Of course, others use this lack of moderation as a green light to upload viruses, spyware and other malicious software. Equally, one of the great strengths of BitTorrent (at least from a harm-reduction point of view), is that .torrent files are uploaded to torrent sites where staff work hard to filter out as much of the malicious software as they can, making BitTorrent relatively malware-free.

Of course, this great system falls apart if you can’t trust the people running the site. People expect anti-pirates like MiiVi to be ‘the enemy within’, but who needs those when you have ‘friends’ like the guys at new torrent site, TrafficLoader.com.

TrafficLoader.com (and its forum, pdls.info) hasn’t been setup for the benefit of BitTorrent users, it will be used by spammers, scammers and virus peddlers to spread their malicious software among the community (and make money off it). One of the admins called ‘Satty’ says that no registration is needed to upload torrents to the site and none will ever be removed. The site does have a notice – ‘Viruses, spyware, affiliate links and everything related is strictly prohibited’ but don’t believe it – Satty says these rules don’t apply to his friends in the PPI (Pay Per Install) community.

A few days ago the site was pretty bare with relatively few torrents and it was clear that most of them contained malware. It was suggested to Satty that it might be a good idea to have some genuine torrents too, to help disguise the bad torrents. Now things are starting to ‘improve’ on the site with many more torrents added recently which don’t immediately appear to be malware.

In the last few days, TrafficLoader cosmetically ‘cleaned up’ the site to remove porn adverts in order to appear more genuine but unfortunately, someone as well as TorrentFreak noticed that they made a big mistake:

“Why would you [Satty, admin] put a forum for ppi on a publicly scraped site, a.k.a here?? Do you just want ppl to find out shit is full of malware?”

Just in case they did want people to find out, hopefully this post will help them get the word out.

For those that want advice on how to avoid bad torrents in the future, try one of our guides.

Update: The site was taken offline a few hours after this article was posted, that’s our good deed for the weekend.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

“This is a visit from the prevalent Piro virus! Stop P2P! If you don’t I’ll tell the police!” it exclaimed, while another message threatened: “Ah, I see you are using P2P again……if you don’t stop within 0.5 seconds, I’m going to kill you!”

Graham Cluley, a consultant for Sophos said of the virus: “This is one of the most bizarre pieces of malware we have seen in our labs for quite some time, but it’s data-destroying payload is no laughing matter.”

Now, the Japanese police say that they have apprehended the three man gang responsible for the creation and distribution of the virus. One man wrote the code, they say, and the others placed it on file-sharing network, Winny.

However, due to Japanese law, it’s going to be tricky for the police to nail someone for creating the malware. They have a trick up their sleeve though, explains Graham Cluley, senior technology consultant for Sophos: “It isn’t illegal to write viruses in Japan, so the author of the Trojan horse has been arrested for breaching copyright because he used cartoon graphics without permission in his malware.”

The virus creator is a a 24 year old graduate student from Izumisano City in Osaka. It’s claimed he illegally used copyrighted images from an anime television show to create the virus.

The other two members of the group – a 39 year old man from Osaka and a 35 year old man from Hyogo – were also arrested for copyright offenses, unrelated to the virus. The men are suspected of uploading anime episodes onto the Winny network.

One of the images from the virus includes a song about fish-shaped pancakes stuffed with jam, which makes about as much sense as arresting a virus creator for copyright infringement. But hey, this is the 21st century – what did you expect?

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

It’s reported that one of the images, which includes a song about fish-shaped pancakes stuffed with jam, has a telephone number included although it’s unclear to whom the number belongs.

Another exclaims “This is a visit from the prevalent Piro virus! Stop P2P! If you don’t i’ll tell the police!” while another threatens “Ah, I see you are using P2P again……if you don’t stop within 0.5 seconds, i’m going to kill you!”

Graham Cluley, a consultant for Sophos said of the virus “This is one of the most bizarre pieces of malware we have seen in our labs for quite some time, but it’s data-destroying payload is no laughing matter. It acts as a timely reminder to companies that they may want to control users’ access to P2P file-sharing software not just because they can eat up bandwidth, but also because they can present a security risk to your corporate data.”

Winny is the most popular P2P application in Japan. In 2006 the developer of the Winny file-sharing software was found guilty and fined 1.5 million yen for assisting users in copyright violations.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

First the MPAA’s DVD sniffing dogs, now a trojan that’s targeting P2P content. Although the creators of the trojan are unknown until now, my guess is that the MPAA will be quite delighted.

Graham Cluley of Sophos, the company that discovered the virus, commented:

“The Erazer Trojan is a vigilante worthy of a Charles Bronson movie, taking the law into its own hands. However, it’s perfectly possible for the Trojan to aim poorly and wipe out innocent files too”.

As far as I know BitTorrent is safe, for now.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.