New research shared by the entertainment industry-backed Digital Citizens Alliance finds that 12% of all ads on pirate streaming sites are linked to malware. The problem is so bad that the researchers fell prey to multiple ransomware attacks. Intriguingly, the findings also suggest that pirate sites are 'safer' than before, although that greatly depends on which studies you look at.

ransomwareOver the years we have seen dozens of anti-piracy campaigns. Initially, many of these tried to appeal to people’s morals.

You wouldn’t steal a car, right?

This type of messaging doesn’t work for everyone, so more direct tactics are explored as well. These often focus on various risks, with particular concern for the health of pirates’ computers.

Rightsholders and anti-piracy groups regularly highlight reports which show that pirate sites are rife with malware and even alert potential pirates-to-be about the dangers of these sites.

While some of these claims are exaggerated, there is no denying that malware is spread through some pirate sites. How common this problem is depends on who you ask and even the estimates from various research outfits vary quite a bit.

New Pirate Site Malware Research
The Digital Citizens Alliance (DCA) shared some new research that it carried out in partnership with piracy advertising expert White Bullet and cybersecurity outfit Unit 221B. The group has a long history of publishing anti-piracy research and has highlighted the malware angle before. Despite these efforts, the problem persists.

The findings show that 12% of all ads on pirate streaming sites are linked to malware. In addition, nearly 80% of the researched sites served at least some malware ads.

“Piracy operators lure users to their sites by offering them ‘free content,’ including the latest movies, music, and television shows. Once they come to the piracy site, users are subjected to a deluge of malicious ads […] that employ fear tactics and other deceptions to trick users into clicking on them.”

“[P]iracy operators and malvertisers have created an unholy triangle with pirate site visitors, who have unwittingly entered a perilous game of ‘Pirate Roulette’ by entrusting their cyber-safety to malicious actors,” the “Unholy Triangle” report adds

Piracy Investigators Hit by Ransomware
These comments are pretty scary and to emphasize the threat, the researchers describe in detail how they were hit by a ransomware attack after visiting a pirate site.

“With just a few clicks on a piracy site, investigators were victimized by a ransomware attack that encrypted their computer files. The criminals demanded payment to unlock them. This cyber threat was observed across multiple piracy sites.”

ransom
Luckily, the researchers used virtual machines so they didn’t end up paying anything to unlock their test machines. With these data and anecdotes, they warn the public to stay away from pirate sites.

All in all, the report paints a pretty grim picture suggesting that things are worse than they ever were. However, that’s not clear from the previous studies we’ve seen.

80%, 90%, or 100%?
In 2014, a study conducted by the Industry Trust for Intellectual Property Awareness found that 90% of the most used film and TV piracy sites contained malware or credit card scams. That’s more that the ‘eight in ten’ sites in the recent DCA study.

A report from OpenText Security Solutions’ Webroot that was released last month also found that 90% of the top illegal streaming sites contain risky content. And according to FACT, the same study found that all of the analyzed sites had “malicious content.”

Based on these rudimentary comparisons, pirate streaming sites were previously much riskier than in this latest report. But that’s impossible to say for sure, as the methodologies and researched sites vary quite a bit.

EU Didn’t See a Malware Piracy Epidemic
Also, it’s worth noting that there is research on the topic that shows quite a different picture. Aside from nuanced remarks from anti-virus experts, the EU Intellectual Property Office also draws a less dystopian conclusion.

Through a detailed study conducted in several EU countries, EU researchers investigated more than 1,000 pirate site domains. They found that less than 10% of these sites linked to malicious content, which includes the less severe “potentially unwanted software.” According to the EU researchers, pirate sites were not particularly problematic.

“At present, suspected copyright-infringing websites and streaming services are not normally considered to be dominant sources of malware or otherwise unwanted software distribution,” the research concluded.

The results from the DCA’s “Unholy Triangle” report are quite different, to say the least. However, with varying methodologies and definitions of ‘malicious’ it’s not easy to compare the findings.

In any case, it’s good to see that copyright holder groups are spending so much time and resources making sure that pirates are warned against malware. Whether that will prevent people from visiting pirate sites is another question, of course.

Perhaps the main purpose of the report isn’t to warn the public at large, but to alert the authorities to take action against piracy. That’s at least in part what the authors hope to achieve, as they call on the DoJ and the FTC to take action.

“As this report shows, malicious actors dangle free content as ‘bait’ to lure users to be victimized. Therefore, it’s vital that the DOJ targets malvertisers and piracy sites that are setting up users to be victimized by ransomware and other harmful software.”

“In addition, the FTC should consider new efforts to alert consumers about the cyber security risks of piracy and the emergence of malvertising on these sites,” the report adds.