Slashdot Mirror

← Back to Stories (view on slashdot.org)

Torrent Sites Earned $70M After Dropping Malware On Visitors (softpedia.com)

Posted by Soulskill on from the all-about-the-benjamins dept.

jones_supa writes: One in three torrent sites is spreading malware, claims a recent joint report (PDF) from Digital Citizens Alliance and RiskIQ, which compiled data from over 800 sites. Most of the time, the sites expose visitors to drive-by attacks that silently download malicious files on computers without any user interaction. These types of attacks are usually carried out through malvertising campaigns. It turns out that this is actually a good business for the operators of the pirate sites: depending on traffic, they can make between $200 and $5,000 per day. In total it is estimated that this type of covert agreement between malware distributors and pirate site operators has pocketed the latter about $70 million per year.

12 of 91 comments (clear)

  1. Okay, so... by U2xhc2hkb3QgU3Vja3M · · Score: 3, Insightful

    The websites send files to auto-download and it fills up my download folder a bit.

    If you're computer-saavy enough to use torrents, you should be smart enough to disable the "automatically run downloaded files" feature of your browser.

    Actually, one thing that really bugs me is those damn websites that force a file download when I try to view a PDF file inside my browser.

    1. Re:Okay, so... by Anonymous Coward · · Score: 3, Interesting

      I smell scaremongering rather than actual facts. There are no examples or case studies, just random numbers extrapolated to create a narrative and big money numbers.

      What I'm surprised about is no "tech" site picking up the mining code running in hidden iframes on websites. It's bad enough with auto-playing videos for "affiliates", but now sites are trying to steal CPU cycles on our machines so they can create a billionth of a bitcoin every other year.

  2. Page one: "Digital Bait" by pegr · · Score: 3, Insightful

    "How Content Theft Sites and Malware Are Exploited By Cybercriminals to Hack Into Internet Users' Computers and Personal Data"

    And you've blown any credibility you may have had.

  3. Shocking Company funded by Movie Companies... by ZiakII · · Score: 4, Insightful

    Shocking Company funded by movie companies gives reason not to use torrents.

  4. Guiding force of the internet. by blueshift_1 · · Score: 3, Insightful

    Again it falls under - if you're not paying for it, then you're the product. From facebook to bit torrent, this is a guiding force of the internet.

  5. Re:Never trust torrent sites by Anonymous Coward · · Score: 3, Insightful

    Just remember that $70M is calculated the same was the DEA calculates drug bust values and the RIAA/MPAA calculate piracy losses.

  6. Who is the Digital Citizens Alliance? by PopeRatzo · · Score: 4, Informative

    This report is from something called the "Digital Citizens Alliance". Sounds good, right? Sounds like a bunch of pro-freedom net citizens protecting all of our rights, yes?

    Would it surprise you to learn that the DCA is a lobbying group involved in trying to get Google to take down search results? Here's a sentence from their materials:

    Creators aren't the only ones harmed by content theft...

    Does anyone else smell an agenda here?

    --
    You are welcome on my lawn.
  7. Re:Never trust torrent sites by NotDrWho · · Score: 5, Insightful

    I would download something from the Pirate Bay any day over a site like CNET's download.com. At least with Pirate Bay, there is a CHANCE a program doesn't come with malware.

    --
    SJW's don't eliminate discrimination. They just expropriate it for themselves.
  8. And this is why I will never trust ads ... by gstoddart · · Score: 3, Interesting

    These types of attacks account for 45% of all malware infections and are usually carried out through infected ads in so-called malvertising campaigns.

    And this shit is why I will never, ever be willing to treat ads as anything but malicious and dangerous affronts to my privacy and security.

    I lump all analytics and ads into the same bucket: evil greedy bastards who I will never trust, never allow to run scripts, and whose content I will block as long as I have the means. Because, quite frankly, I don't see the difference between the "legitimate" ones and the "shady" ones.

    The only way to win is not even play. Once you start running blocking stuff and realize the amount of shit embedded in every web page, you just treat them all as parasites or shit on your shoe: you remove them with extreme prejudice.

    --
    Lost at C:>. Found at C.
  9. Re:Never trust torrent sites by operagost · · Score: 4, Interesting

    ^ This. "Legitimate" sites inject malware into downloads and somehow escape the FTC year after year.

    --

    Gamingmuseum.com: Give your 3D accelerator a rest.
  10. Re:That PDF is lacking in so many details. . . by Vlad_the_Inhaler · · Score: 3, Informative

    Details like:

    What internet browser did they use?
    What basic security measures did they use?
    What does "Exposure" mean? Did the malware actually infect the computers exposed or did their security catch it?
    What sites did they test?

    I note things like how this very article LIES: 55% are user-initiated downloads, only 45% are drive-by downloads! Or how, while it is true that you're 28 times more likely to be "exposed" to malware on the piracy sites. . .it's a rise from 1 in 333 to 1 in 12. And again. . .Did those computers exposed actually get infected by the malware, or do basic security measures stop it?

    what operating system?
    Flash or Java vulnerabilities?

    nuthin useable.

    --
    Mielipiteet omiani - Opinions personal, facts suspect.
  11. Re:More generally by Vlad_the_Inhaler · · Score: 4, Funny

    Is there a name for an activity that earns you money, but less than the value of the damage you cause, making your activity a net negative for society? Any example of well-respected professions that would qualify?

    Lawyer?
    Oh, you said "well-respected". My bad.

    --
    Mielipiteet omiani - Opinions personal, facts suspect.