Anti-piracy group warns about malware-riddled sites - fair, or scaremongering?

Filed Under: Malware, Featured

Piracy image courtesy of ShutterstockA UK body battling online media piracy has released a rather stark warning about "bogus content" on sites providing access to pirated films and TV shows, claiming that 97% of such sites feature either malware or scams, and 3 out of 4 people who use these dodgy services subsequently suffer "problems with their device".

The report has been described by observers as "biased", "misleading" and "scaremongering through carefully chosen statistics", but its findings have been promoted by the police-backed Action Fraud website.

According to the research, all but 1 of 30 sites investigated served malware, potentially unwanted software or some form of credit card fraud.

A parallel survey found that 39% of people who had visited copyright-infringing sites, intentionally or otherwise, were annoyed by pop-up advertising, somewhere between 28% and 32% were hit by malware, while 1 in 5 "lost personal data or had personal information stolen".

The study was published by the Industry Trust, a body which describes itself as "the UK film, TV and video industry’s consumer education body, promoting the value of copyright and creativity", run by a small team but supported by a raft of big-name media studios, cinema operators and retailers, including Amazon, MGM, Sony, Universal, Paramount, Odeon, Sky and BBC Worldwide.

The investigation was carried out by anti-piracy consultancy firm Intelligent Content Protection, which for some reason prefers to use the short form Incopro.

Their research apparently involved detailed analysis of the 30 copyright-infringing sites most visited by UK internet users. Exactly which sites were looked at is not made clear, but the report claims they were selected using data from Amazon-owned Alexa, whose own toolbar has not been free of controversy in the past thanks to its data-slurping nature.

It seems rather surprising that Alexa can so accurately identify sites carrying copyright-breaching content, and hopefully this valuable insight is shared with police and other copyright enforcers as well as media consultancies like Incopro.

The lack of disclosure of which sites were involved leaves open a number of questions, as just about any site that hosts user-provided content, i.e. most of the web, is likely to have the occasional problem with copyright.

Major sites like YouTube and Wikipedia frequently have to remove inappropriate content, but it seems unlikely they were among the selection looked at for this study.

The details of the dangers found are also rather hazy. The terms "malware", "virus", "rootkit" and "credit card fraud" are repeatedly used with little consistency and no firm description of what is meant by them.

This is particularly problematic in the survey data, which implies that those surveyed were asked separately if they had been hit by viruses and by malware, terms often confused.

Malware is generally used as a catch-all term covering all forms of malicious software, including true viruses, but some people use "virus" to describe any kind of genuinely malicious or dangerous software including trojans and worms, while others limit the application of "malware" to the less dangerous set of items such as aggressive adware and other potentially unwanted applications (PUAs).

Using such overlapping and commonly-confused terms undefined in a survey, and not verifying how respondents understand and use them, renders the response data pretty much meaningless.

According to Incopro, the "most popular type of malware" found on 10 of the selected 30 sites is something which "installs pop-up ads" - without more detail, this could be no more than popups displayed by a website, or in-app advertising, which is to be found just about anywhere.

Free digital content lives by advertising, and many sites enforce little control on the aggressiveness of the adverts they serve, often via third-party ad services.

Criticism is also levelled at deceptive buttons disguised as download or "play" functions but which actually lead to unwanted content, something which most web users will be well used to.

These tricks are a common feature of free software sites, which monetize the services they offer by allowing sponsored "foistware" to dominate pages ostensibly devoted to other applications.

It should be little surprise that sites providing illicit access to copyrighted media material would also be supported by such techniques.

No-one really likes foistware, any more than we enjoy having pushy ads shoved in our faces while trying to enjoy the web, but most of us have come to accept them as the price we pay for not paying anything for our content.

Copyright infringement may feel like an extension of the free-for-all nature of the internet, but it's well within the rights of those trying to make a living from film and TV to try to protect their income. However, this sort of ill-thought-through campaign is not going make the anti-piracy lobby any friends.

As one expert quoted by the BBC puts it:

This is a clear extension of the long-running Fact [Federation Against Copyright Theft] strategy of portraying illegal copyrighted content as dangerous, after the ability to portray it as poor quality was finally dropped as untenable.

Hyping malware danger to promote a cause is not an uncommon sight, and it has more serious side-effects than merely annoying people.

Misleading and unfounded warnings dilute the efficacy of attempts to alert people to real dangers, encouraging the already under-informed and under-protected general population of the internet to treat the risk of malware as no more than a scare tactic used by vested interests to control and confine their online freedoms.

People need to appreciate the risks they take whatever they're doing online, but warnings need to be accurate, helpful and backed up by clear and detailed evidence. This is not the way to do it.

Image of piracy courtesy of Shutterstock.

, , ,

You might like

14 Responses to Anti-piracy group warns about malware-riddled sites - fair, or scaremongering?

  1. It's a weird, broken logic that says that regardless of peoples' personal, day-to-day experience you can convince them it was actually something else by means of an occasional survey or ad campaign.

    Whatever the rights and wrongs of copyright infringement there is only one way to take it on - you have to provide something better.

  2. It's not "scaremongering" at all. Once I figured out the hard way that 90% of the malware that kept sneaking into my reality had piggybacked it's way in with pirated content such as a movie or music, (Pirated software downloads are especially dangerous) or else it had showed up after I visited a website where such content was available, I quit going to those kinds of sites. And I've had no problem since.

    • It's incredibly easy to avoid getting malware and such from pirated material.
      You just got to know where to look, what the warning signs are, and to scan the files before actually doing anything with them, in case you're extra cautious.

      • You don't get the malware from pirated material. You get the malware from visiting sites that are run by unethical folks who don't have any problem at all with stealing software, or distributing pirated material. And who are also willing to make a quick buck by allowing others to piggyback their malware installers with the pirated or dodgy content they're distributing.

    • rakso75 · 521 days ago

      Dennis, it is true that these waters are a little more turbulent that the "standard" web-sea (bbc, yahoo, facebook...) and if you do not feel comfortable there, you should not navigate towards them indeed.

      But that does not mean that sailing this kind of waters will get you necessarily into problems, you just need to be a little more careful, and with (a little of) experience you quickly avoid all rocks in the way of your ship with no problem (not to mention that sometimes you can find underwater rocks and other traps in more conventional waters).

      So, to sum up, if you are not a good sailor, don't try to go to Cape Horn; but also, do not claim that there be dragons there!

      • Built my first PC from scratch back in '82. Been sailing these waters ever since. Got any more condecending advice to entertain us with?

        • rakso75 · 520 days ago

          Just that my first PC was more than 10 years after that, and it was bought. Never built one, nor I intend to learn. On the other hand I have sailed the same waters and never got infected by malware (so far...).

          Note: to be an expert in hardware does not make you an expert in software, and to be an expert in software does not make you an expert in web-browsing, same as to be able to build a rifle does not make you a soldier. And been an expert in naval fights does not make you better for a commando operation, and...

          I could continue but I think the idea is clear. First I was not giving an advice, just confirming that those pages are usually trickier than others, and stating that if you do not feel comfortable there and prefer not to go, you do well (as simple as that).

          On the other hand, as the article has quite well explained, those pages are not necessarily dangerous (some of them might be though) and to mix copyright infringement and malware spread is not, or should not be, the way to go.

          P.S.: actually I can try to be "entertaining" : I am a dragon-killer knight that has no idea of sword-making or how to create an armour, but after quite a few battles, with armour and a big big sword, is still thirsty for dragonblood :))

    • Jim · 521 days ago

      If the survey isn't defined, it IS scaremongering. Further, the reporting is a problem, too. They offer the numbers

      39% got pop-ups
      28-32% got malware
      1 in 20 lost personal data or had data stolen
      97% of sites served up malware
      3 of 4 had "problems" with their device afterwards.

      Didn't it strike you as a little fishy? Why are 3 different methods of summarizing info used? (%, % range, and "x out of y")

      Do those numbers overlap? If they do, to what degree?

      Also, they surveyed 30 sites. Which 30 sites? How many PEOPLE did they survey? What are the demographics of the sample?

      Any responsible organization doing such a survey would have properly outlined these parameters. Only an organization with an axe to grind would cherry-pick the data like this. Any time such an involved organization undertakes a survey and does the legwork themselves, that survey is worthless.

    • Anonymous · 520 days ago

      Here is what I learned on day 1 of visiting a torrent site.
      1. More seeders = better speeds AND less likely to be malware.
      2. Most sites have some symbol indicating that the person has uploaded a lot of other torrents and is not likely to upload a virus (i.e. skulls on Pirate Bay).
      3. Public trackers have been mostly cleaned up, but common sense is still your best tool.
      4. Private trackers generally have less dead torrents and more reliable and higher quality ones.
      Really, this stuff is easy to find. My guess is you clicked on an ad and got a virus that way (ads on torrent sites are about as reliable as those on sites for adult content).

      • TyBallz · 520 days ago

        Adblocker for those annoying (and sometimes dangerous) ads. :D

  3. Such seems always to follow when they worry about something such as the media does with copyright infringement. Without the transparency of whom they looked into, they could have picked 29 sites with known mal-ware. This type of report has been around for many decades. As you note there needs to be a list of whom they investigated to make these kind of report worth the time to just read them. As many of us know statistics can bend the truth past the breaking point. I go to all these sites, I don't have any mal ware or viruses that I know of, my machine is just as fast as it was when I built it.

    When they release more information about what they did and define what mal ware compared to viruses are, then we can at least look, otherwise it's a waste of time and energy...


  4. t_newt · 521 days ago

    My son likes to go to sites that offer 'free' things, and let me tell you, his computer is a good test of antivirus/antimalware software! The last time I hunkered down and went on a computer cleaning expedition, I found over 250 problems and suggested I do a special rootkit scan. The rootkit scan found 5 rootkits! As you can imagine, the computer was running quite slow as the rootkits fought each other for control of the machine.

    He's occasionally asked if I'll buy something for him on the computer, and I tell him that I have to buy it on my computer because there's no way in hell my credit card information is getting anywhere near his computer.

    So it is all relative. From most of us, the article may be a bit scaremongering, but from a teenager point of view, it is probably an understatement of the threat he'll be facing.

  5. Chris Webber · 520 days ago

    Its seems that this anti piracy group is being economical with the truth. I also suspect many false positives with keygens cracks etc. You do face a realistic chance of catching something if you are clueless. Not that i need to worry, i do not use such sites. One last thing, it is not possible to say you are not infected with something. Thats why zero day exploits exist.

  6. a little common sense really does go a long way.

    I surveyed an untold number of the stupidest people I could could find,
    90% said that when they stood in Glasgow City Centre with their eyes closed and wallets held out they lost or had money stolen.
    70% said that, despite wearing the same clothes they do at home, they found that they got significantly wetter in Glasgow.
    3.5 out of 4 people had trouble understanding locals.
    I have advised these people not to come back, and kept the money.

    those with common sense loved Glasgow, and brought an umbrella.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

John Hawes is Chief of Operations at Virus Bulletin, running independent anti-malware testing there since 2006. With over a decade of experience testing security products, John was elected to the board of directors of the Anti-Malware Testing Standards Organisation (AMTSO) in 2011.