A Digital Citizens investigation in the United States has found that malware operators and content theft website owners are teaming up to target consumers – with an unexpected assist from U.S.-based tech firms. The research found that 1 in 3 content theft websites expose consumers to dangerous malware that can lead to serious issues such as ID theft, financial loss and ransomware, according to a report from Washinton, DC.
And disturbingly, U.S.-based tech firms – such as hosting companies that enable websites to remain up and running – play a vital role in enabling these websites to operate. The Digital Citizens report, Enabling Malware, found that among content theft websites analyzed that are spreading malware, two tech firms – Hawk Host and CloudFlare – were the most often used by these rogue websites.
The research, done in collaboration with respected cyber security firm RiskIQ, built on earlier research that found that malware operators and content theft website owners were collaborating to target and harm consumers. Ongoing research has found that 1 in 3 of these websites expose consumers to malware. And RiskIQ went undercover in December to scrutinize the DarkNet chat rooms where malware operators meet and negotiate prices for how to infect consumers.
“Given that our research shows that 12 million Americans are exposed to malware through content theft websites, we are approaching a cyber epidemic that poses serious concerns about the long-term security of Americans’ computers,” said Tom Galvin, Executive Director of the Digital Citizens Alliance.
“These rogue operators are using pirated movies and TV shows to lure consumers so they can infect their computers and steal their money, their identity or hold access to the computer for ransom,” said Galvin. “It’s time for government authorities – from the Federal Trade Commission to Congress to state attorneys general – to warn consumers about the risk content theft poses to their well-being.”
In this latest research, RiskIQ looked at hundreds of content theft websites and checked for malware. Here is what RiskIQ found:
- Thirty percent of content theft websites exposed consumers to malware. The type of malware and technique was constantly changing. In some cases, rogue operators tricked consumers with a prompt to update a movie player or through an infected ad. In other cases, malware was downloaded simply by visiting a content theft website.
- RiskIQ has found that based on its research, 12 million Americans are exposed on a monthly basis to malware from content theft websites. RiskIQ has found that consumers are 28 times more likely to get exposed to malware on content theft websites than mainstream websites.
- Once infected, the hackers can access and steal personal and financial data. In some cases, it enables hackers to install a Remote Access Trojan, enabling criminals to gain access to the video camera on a laptop and secretly tape the activities of unknowing people, usually young girls. In some cases, these videos are then resold online on DarkNet websites (and even in some instances, are made available on the popular video website YouTube, which is owned by Google).
- Hawk Host and CloudFlare were the go-to tech firms for content theft websites spreading malware, according to the new research. Digital Citizens researchers reached out to both companies and received sharply different responses. Hawk Host reported that it conducted its own investigation, and found that the websites violated its terms of service and therefore the company suspended them. CloudFlare, in its response, said it leaves the removal of content to law enforcement. It added that in some instances if it believes that malware is spread by a customer, it will warn site visitors. But Digital Citizens to date has seen no warning on the websites found to spread malware.
“For Digital Citizens, the key test of companies is what it does once it learns that one of its customers is engaged in wrongdoing and spreading malware. For that reason, we applaud Hawk Host for the responsible manner in which it took quick action to protect internet users from risk,” said Galvin.
In recent months, Digital Citizens has presented findings on malware and content theft websites to Congress, the FTC and state attorneys general. DCA research found that government awareness programs can be an effective tool in alerting consumers, 72 percent of whom reported in a recent poll that if they knew that content theft websites exposed them to malware, they would avoid such sites.
“The DarkNet marriage of malware operators and content theft websites is ominous for consumers who already face a tough task in protecting their cyber security,” added Galvin. “We need to raise awareness among consumers, and no one is in a better position to do that than government entities who already provide the important public service of alerting consumers to online risks.” – USNewswire