No, Pirate Sites Are Not the #1 Online Source For Malware

Home > News >

This week UK non-profit Internet Matters published a new guide designed to protect children from the apparent perils of using pirate sites. Like several before it, the report claims that pirate sites are the most common source of malware infection on the Internet and that streaming pirated media puts devices at risk. TF called in security experts - they do not agree.

Protecting children in our society is one of the noblest things one can do. In both the physical and digital worlds, children need high-quality guidance.

While most of this support should come from parents and others closely involved with a child’s upbringing, groups like UK non-profit Internet Matters are there to provide advice when the adults around need help themselves.

This week the London-based group teamed up with the Mumsnet website to publish a guide titled “Internet safety and the dangers of digital piracy.” Perhaps unsurprisingly given recent trends, the report focuses on the apparent threats posed by “fully-loaded” set-top boxes running Kodi and similar applications.

“[I]f your children stream illegal content online, also known as digital piracy, it can expose them and you to cyber threats, disturbing pop-ups and unexpected harmful content,” the guide notes.

“The risks typically associated with digital piracy can take place on dodgy websites and preloaded streaming devices, sometimes known as Kodi boxes, but they can also occur through any number of illegitimate apps on mobiles, tablets or smart TVs.”

While some of the claims made in the guide are overly generic, it does make some very good points. Accessing content from illegal streaming sites rarely comes with the age restrictions available on services such as Netflix, for example, so parents should always be aware of the risks and act in a supervisory role.

“Explicit adverts may pop up and there’s no standard organization of age-restricted content, meaning 18+ films like Fifty Shades can sit right next to U-rated content such as Finding Nemo,” the guide notes.

The guide also correctly states that some fully-loaded devices can come with porn apps installed. Again, it’s the responsibility of the parent to ensure that their children aren’t left unsupervised to use such a device, particularly (given their child’s age) they were probably the one to buy it.

There are few complaints when it comes to the guide’s legal advice either. As part of the EU, streaming copyrighted content in the UK is illegal, as is marketing and selling pre-loaded devices configured for piracy. All ok so far, but then the guide mixes apples and oranges to spook the unknowledgeable reader.

“Whilst families haven’t yet been the target of police investigations, the consequences
of watching pirated content should be considered, both from a legal standpoint
and the inappropriate content children could be exposed to,” the guide notes.

“For example, a man was recently hit with an £85,000 demand for sharing his stream of a pay-to-view boxing match on Facebook with over 4,250 people.”

The kind of person who can get value from this kind of basic guide isn’t going to appreciate the differences between someone who streams to the public and someone who watches a stream at home. Simply reading “£85,000 demand” might be enough for them to throw their device in the trash (which may have been the intention), but perhaps we’re being a little bit picky here.

Statements like these, however, deserve no such leeway.

Like the majority of claims in the guide, this statement is offered without citing a source. So, we contacted Internet Matters to ask where this information had been obtained. Unfortunately (and despite having several days to do so) they didn’t respond.

The reason we asked is simple: we don’t believe either element of the claim is true. So, we approached some experts for their opinions. We asked two questions based on the precise wording of the Internet Matters claim.

1. Are pirate sites the most common source of malware infection? If not, what is the most common source/vector?

2. Does streaming pirated media put devices at direct risk of infection?

The first responses came back from respected security expert Mikko Hypponen from F-Secure.

“Pirate sites are not the most common source for infections, and it hasn’t been since the early 1990s. Today, the most common ways of getting infected are via malicious email attachments, browser plugins and extensions and web exploit kits,” he told TorrentFreak.

“Streaming pirated media is not a security risk, as long as the user does not install additional applications, browser plugins or codecs to stream.”

We also received a detailed response from Luis Corrons, Security Evangelist at Avast, who told us that the Internet overall is the most common source of malware, but websites are not the sole driver.

“If we look at some of the biggest malware outbreaks, like SQLSlammer, Blaster or the recent WannaCry attack, they all are network worms that have infected millions of computers without having to visit any webpage,” Corrons explained.

“The problem with pirate sites is that it’s hard to know who is behind them. If you visit YouTube or Vimeo, most people are familiar with their parent companies. But in the case of some obscure websites, there’s a chance they could have been built by cybercriminals looking to infect visitors, steal credentials and personal information.”

While it’s certainly possible that pirate sites can be a source of malware, Bogdan Botezatu, Senior E-Threat Analyst at Bitdefender, told us it is extremely difficult to assess the amount of malware on pirate sites, not least since many sites come and go on a regular basis.

However, he did indicate that when content from pirate sites is consumed via set-top devices, there’s less of a risk than when people access it via a web browser.

“Since these web services offer streaming through Kodi add-ons, the user never really get to interact with their home page, but rather with the Kodi dashboard. Most of these addons load content from [pirate] websites and stream it via Kodi. This dramatically minimizes the chances of the user interacting with rogue ads or deceptive links,” Botezatu explained.

So does Botezatu agree with Internet Matters when they claim that streaming pirated media itself “puts devices at direct risk of infection”?

“No, not directly, although I would not recommend anyone to resort to this,” Botezatu said.

“With extremely few exceptions where some vulnerabilities in the user’s video player could be exploited to run arbitrary code, media streaming is safe. I am unaware of any campaigns that use movie files for malware dissemination other than the Wimad Trojan back in 2012.”

The stance that streaming media is not inherently dangerous is shared by Corrons at AVAST.

“Streaming media does not pose any particular risk level of infection. It doesn’t matter if the media is pirated or not,” he said.

While it’s a bit of a shame that Internet Matters had to claim things that aren’t true to drive its point home, they’re by no means the only organization to do so.

Earlier this year, the Industry Trust for IP Awareness made a similar claim, noting that “Illegal streaming websites are now the number one propagation mechanism for malicious software as 97% of them contain malware.”

With assistance from Adam Kujawa, Director of Malware Intelligence at Malwarebytes, we debunked that statement back in February. It’s disappointing but not entirely surprising we’ve having to do so again several months later.

There are plenty of valid reasons for not letting kids loose with piracy-configured boxes, not least since they could see content that adults might prefer them not to. Notably, however, the exact same thing can be said about YouTube and Facebook, or even the Internet in general.

When anyone uses the Internet for anything there are security risks, so parents should always tell their kids to be cautious when they’re online, no matter what the device or content being consumed.

Surprisingly, the Internet Matters report – which has a strong focus on malware – doesn’t even mention installing anti-virus or anti-malware software to protect devices. Concerned parents should note that both can be obtained for free and are easy to install.

The Internet Matters guide (which despite the criticism does contain great advice on parental responsibility) is available here (pdf)


Popular Posts
From 2 Years ago…