Sports fans who watch events using illegal online streams are exposing their PCs and mobiles to serious security risks, according to the authors of the “first empirical study of free live streaming services.”
Such streams are popular among those who don’t subscribe to pay TV channels like Sky Sports, or are in countries where an event is not being broadcast locally. For example, a business traveller in France might have to use an unofficial stream to watch an England cricket match.
The legal implications and the potential loss of revenue to broadcasters and sports organisations is well documented, with authorities in the UK ordering a number of websites that share links to streams to be blocked by ISPs.
But Zubair Rafique, Tom Van Goethem, Wouter Joosen, Christophe Huygens and Nick Nikiforakis, say there has been no comprehensive study about the security implications until now.
“This was not a surprise for us since the nature of ads that we encountered when considering this project was also mostly malicious and is what prompted us to conduct this study,” said the authors, who created a system which used search engines to identify streaming sites and inspected network traffic to find media servers.
It found 23,000 webpages connected to 5,685 domains and made more than 850,000 visits, creating 1 terabyte of data on the free streaming ecosystem.
Sixty-four percent of these sites had been reported at least once for copyright infringement and 60 percent were located in Belize, the Netherlands, Sweden and Canada. Up to seven percent used the logos of legitimate broadcasters in a bid to attract more hits.
Some sites tailor their advertising depending on the browser being used. For example Chrome and Safari users will see more malware-centric overlay ads, whereas Internet Explorer and Firefox summons more scams.
Concerns about security have partly fuelled the popularity of ad blockers, particularly as a number of adult sites and others have been targeted by malvertising attacks in recent times. However these assaults have been caused by attackers infiltrating popular ad networks with malicious creatives whereas the creators of streaming sites are deliberately serving up malicious ads.
Around 16 percent of the sites analysed by the researchers employed scripts that attempted to combat ad blocking software.
“From the prevalence of discovered abuse, it is evident that the [streaming] parties are more inclined towards malicious advertisers to monetize their operations, exposing their users to malware=laden domains, fraudulent scams, and adult content,” said the report.
“Overall, these practices, along with the frequent accusation of copyright infringement, clearly show that [streaming] services are inclined towards intrusive and malicious monetization schemes, at the expense of user security.”
What do you know about tech and sport? Find out with our quiz!
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…
Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…
Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…