Malvertising on piracy sites.
the cyberwire logoSep 19, 2022

Researchers find mixed evidence on the risk of content piracy sites infecting visitors with ransomware or other malware.

Malvertising on piracy sites.

The Digital Citizens Alliance, in partnership with White Bullet and Unit 221B, released a report detailing piracy sites and advertising. Investigators found themselves to be victims of a ransomware attack that encrypted their files through only a few clicks on a piracy site, with threat actors demanding payment to unlock the files. This phenomenon was not isolated to one site, as researchers report that it was observed on multiple piracy websites. Investigators have found that ransomware costs consumers upward of $20 million annually, with no guarantee that paying the ransom will actually make the threat actors return your data.

Malware has also been found on piracy sites in advertisements targeting users. Malvertising, or malicious advertising, accounts for 12% of the ads on piracy sites, and generates at least $121 million in ad revenue, with more than half coming from US-based visitors. Researchers found that those who visited piracy sites were exposed to an estimated 321 million malicious ads in the span of one month.

In contrast to this, TorrentFreak reports that research from the EU Intellectual Property Office yielded somewhat less alarming results, concluding that of the over 1,000 piracy domains that were scoured, less than 10% actually led to malware, including even “potentially unwanted software.” The conclusion reached by EU researchers was that piracy sites are not a significant cause for concern with respect to malware.