Torrent Sites Earned $70M After Dropping Malware On Visitors (softpedia.com)
jones_supa writes: One in three torrent sites is spreading malware, claims a recent joint report (PDF) from Digital Citizens Alliance and RiskIQ, which compiled data from over 800 sites. Most of the time, the sites expose visitors to drive-by attacks that silently download malicious files on computers without any user interaction. These types of attacks are usually carried out through malvertising campaigns. It turns out that this is actually a good business for the operators of the pirate sites: depending on traffic, they can make between $200 and $5,000 per day. In total it is estimated that this type of covert agreement between malware distributors and pirate site operators has pocketed the latter about $70 million per year.
Now, there is a reason not to download pirated media. If only most of the malware on the internet were on illegal torrent sites!
Linux is for people who don't mind RTFM.
The websites send files to auto-download and it fills up my download folder a bit.
If you're computer-savvy enough to use torrents, you should be smart enough to disable the "automatically run downloaded files" feature of your browser.
Actually, one thing that really bugs me is those damn websites that force a file download when I try to view a PDF file inside my browser.
Is torrent hosting illegal? How about magnet links? Could they have avoided being against the law by using ad revenue? I guess ad revenue is much less than illegal malware revenue. Ah well, torrents are for cows anyway.
I see this as a much bigger threat to piracy than any enforcement of copyrights on individuals. Just a thought.
"How Content Theft Sites and Malware Are Exploited By Cybercriminals to Hack Into Internet Users' Computers and Personal Data"
And you've blown any credibility you may have had.
Shocking Company funded by movie companies gives reason not to use torrents.
They're much worse than malware distributors because... we've each posted 3000 rants here about them, got modded way up for them, and we're not going to change our minds!
Again it falls under - if you're not paying for it, then you're the product. From Facebook to BitTorrent, this is a guiding force of the internet.
Details like:
What internet browser did they use?
What basic security measures did they use?
What does "Exposure" mean? Did the malware actually infect the computers exposed or did their security catch it?
What sites did they test?
I note things like how this very article LIES: 55% are user-initiated downloads, only 45% are drive-by downloads! Or how, while it is true that you're 28 times more likely to be "exposed" to malware on the piracy sites... it's a rise from 1 in 333 to 1 in 12. And again... Did those computers exposed actually get infected by the malware, or do basic security measures stop it?
Is there a name for an activity that earns you money, but less than the value of the damage you cause, making your activity a net negative for society? Any example of well-respected professions that would qualify?
Build a shitbox VM/PC where you grab all this content. Be nice and lock it down to be stateless after you build it so it doesn't try to ruin the internet. Even if you buy a standalone PC for it that's what, 2 months of premium cable?
The solution is really simple. Use Linux when you visit those malware torrent websites. I did that for the past 10 years. One site offered to scan my drives for malware. So I let it "scan". It was showing Windows drives mounted at C: and D: but I was on Linux. I thought that was funny.
Upper right corner: "FLASH SALE: SpyShelter Premium 1YR 33% OFF!"
That managed to make it through adblocking and uMatrix. I am somewhat surprised that they only seem to use Google Analytics, though. Very, very little in the way of third party JavaScript for ad networks and analytics/tracking.
Please help metamoderate.
This report is from something called the "Digital Citizens Alliance". Sounds good, right? Sounds like a bunch of pro-freedom net citizens protecting all of our rights, yes?
Would it surprise you to learn that the DCA is a lobbying group involved in trying to get Google to take down search results? Here's a sentence from their materials:
Does anyone else smell an agenda here?
You are welcome on my lawn.
And this shit is why I will never, ever be willing to treat ads as anything but malicious and dangerous affronts to my privacy and security.
I lump all analytics and ads into the same bucket: evil greedy bastards who I will never trust, never allow to run scripts, and whose content I will block as long as I have the means. Because, quite frankly, I don't see the difference between the "legitimate" ones and the "shady" ones.
The only way to win is not even play. Once you start running blocking stuff and realize the amount of shit embedded in every web page, you just treat them all as parasites or shit on your shoe: you remove them with extreme prejudice.
Lost at C:>. Found at C.
There's no need to visit a site when your client has built in search across whatever you want to configure it with as well as sensible defaults and no malware included (I'm looking at YOU SourceForge).
I highly recommend qBittorrent for that, as one reason among many. I've used it for years and it is the best client I've encountered.
Also, who visiting a torrent site doesn't use ad blocking? Why would you do that to yourself?
These things are always very interesting for the info they DON'T contain. Notice that they had to focus on web-delivered drive-bys (even Slashdot's given me drive-bys) and trickery but they don't mention the content itself as a major source of infection.
The wonders of the profit motive and the invisible hand.
one of the worst adware sites
Something tells me they were using an XP SP0 machine with Internet Explorer 5 fully unpatched. That's my assumption since they didn't mention an operating system, browser, and patch level. Makes a huge difference. Drive-by vulnerabilities are extremely urgent, top, drop everything you're doing and fix this now, when I say jump you jump before asking how high, no don't even go get coffee, we'll bring it to you sort of priority. So unless these guys are buying 0 days, there's no way these were fully patched/updated machines they were using, and I doubt for a "total" of "$70 million" across hundreds of sites they're affording 0 days. With governments in the markets for 0 days, especially surreptitious drive-by 0 days, I'm not sure a pool of sites could keep up on the 0 days (since once used in the wild, companies tend to catch on... relatively quickly). So, I find the whole report highly dubious!
But considering Sony's rootkit, at least you don't have to pay to be exploited on torrent sites.
Kinda off topic but I remember using Kazaa when it was popular (late 1990s - early 2000). When I search for a movie or MP3 music, the search would return Windows executable files that were about 1 MB in size. I had to filter the .exe files from the search results. Yes, I was using peer 2 peer programs before free anti-virus programs were widely available. I'm lucky that I didn't catch a virus or trojan in the early 2000s.
If you look on the bottom of the report, it lists torrent sites I was unaware of. Thanks to Digital Citizens Alliance.
hi, my name is john C, i got the badbios virus from a popular torrent site, i was browsing and the computer restarted, then i watched what looked like an icbm launching sequence, like the one in that scene in terminator 3, oh wait, it did not happen, i was just remembering the movie and i thought i was J connor, my bad
How does this generate revenue? Just curious because most people that know how to use torrent sites probably know a malware pop-up or infection when they see it. I'm just curious as to how this is generating revenue by just infecting computers?
At $5,000 a day that comes to $1,825,000 a year which would mean just over 38 sites
or at $200 a day that comes to $73000 a year which is about 959 sites.
So if it's 1 in 3 sites there are only between 115 and 2877 sites on Tor, I would have thought both figures a little low.
Good catch. I don't think I'd trust half of those sites. As in, there's no point visiting because they don't actually host any torrents or magnet links. torrentz.* is a good example. I wonder if any of the demonoid ones are legit? I now have roughly 10,000 sci-fi/fantasy/nonfiction books (probably more than a few dupes in there though) I'll probably never have the time to read on my phone thanks to demonoid, and I was sad to see them go.
Also lol'd when I saw this down there: #FollowTheProfit. Looks like some commenters up there did just that!
The answers to your two questions are:
Liberalism
Politician
See also "broken window fallacy", on which most liberal economic thinking is based.
From their study:
DATA AVAILABILITY
RiskIQ designed a study that could be easily repeated by any researcher with the capability to adequately analyze and detect malware on web sites.
I couldn't find any software they release to detect malware nor could I find any security researcher who backed their claim.
Given the "estimates" usually made by companies paid by big media for piracy studies and the like, that makes me think that 70 million is a lot, lot less by several levels of magnitude.
This is a major reason I've pretty much abandoned torrenting, instead I just use Kodi with Genesis. No more pop-ups, malware, etc.
See subject: APK Hosts File Engine 9.0++ SR-4 32/64-bit http://start64.com/index.php?o...
---
FREE, not 'souled-out' to advertisers + adds speed, security & reliability. Does FAR more w/ FAR less more efficiently vs. redundant browser addons & local DNS servers @ home + fixes DNS' many security issues & it stops a LOT of tracking @ webpage + DNS levels via 1 file you NATIVELY have - firewalls do the rest (on less used IP address trackers vs. host-domain name type).
---
It obtains data vs. threats & for adblocking from 10 reputable security community sites!
---
SPEEDS YOU UP 2 ways (adblocks + local RAM cached favorite sites @ TOP of hosts for fastest resolution speed vs. remote DNS (aids reliability)) vs. other "so-called security 'solutions'" SLOWING YOU!
---
All that via something you natively have vs. "bolting on browser addons 'MOAR'" that's usermode slower & increases messagepassing, cpu + ram overheads!
---
MalwareBytes' hpHosts Admin (MalwareBytes employee who verified its source as safe http://forum.hosts-file.net/vi... ) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus per this VERY recent testing of them all http://www.av-test.org/en/news...
&
It's safe proven by 57 antivirus programs recently in BOTH its 64-bit model https://www.virustotal.com/en/...
+
Its 32-bit model too https://www.virustotal.com/en/...
Its installer too -> http://f.virscan.org/APKHostsF...
---
* "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend".
APK
P.S.=> By "yours truly" - "The Lord of Hosts" so-to-speak:
"The image this title brings to mind is of a mighty military commander, one who can at a mere word summon rank upon rank of protective power" from https://answers.yahoo.com/ques... & THE WORD = hosts!
(Accept NO substitutes!)
...apk