Sports fans who watch events using illegal online streams are exposing their PCs and mobiles to serious security risks, according to the authors of the “first empirical study of free live streaming services.”
Such streams are popular among those who don’t subscribe to pay TV channels like Sky Sports, or are in countries where an event is not being broadcast locally. For example, a business traveller in France might have to use an unofficial stream to watch an England cricket match.
The legal implications and the potential loss of revenue to broadcasters and sports organisations is well documented, with authorities in the UK ordering a number of websites that share links to streams to be blocked by ISPs.
But Zubair Rafique, Tom Van Goethem, Wouter Joosen, Christophe Huygens and Nick Nikiforakis, say there has been no comprehensive study about the security implications until now.
“This was not a surprise for us since the nature of ads that we encountered when considering this project was also mostly malicious and is what prompted us to conduct this study,” said the authors, who created a system which used search engines to identify streaming sites and inspected network traffic to find media servers.
It found 23,000 webpages connected to 5,685 domains and made more than 850,000 visits, creating 1 terabyte of data on the free streaming ecosystem.
Sixty-four percent of these sites had been reported at least once for copyright infringement and 60 percent were located in Belize, the Netherlands, Sweden and Canada. Up to seven percent used the logos of legitimate broadcasters in a bid to attract more hits.
Some sites tailor their advertising depending on the browser being used. For example Chrome and Safari users will see more malware-centric overlay ads, whereas Internet Explorer and Firefox summons more scams.
Concerns about security have partly fuelled the popularity of ad blockers, particularly as a number of adult sites and others have been targeted by malvertising attacks in recent times. However these assaults have been caused by attackers infiltrating popular ad networks with malicious creatives whereas the creators of streaming sites are deliberately serving up malicious ads.
Around 16 percent of the sites analysed by the researchers employed scripts that attempted to combat ad blocking software.
“From the prevalence of discovered abuse, it is evident that the [streaming] parties are more inclined towards malicious advertisers to monetize their operations, exposing their users to malware=laden domains, fraudulent scams, and adult content,” said the report.
“Overall, these practices, along with the frequent accusation of copyright infringement, clearly show that [streaming] services are inclined towards intrusive and malicious monetization schemes, at the expense of user security.”
What do you know about tech and sport? Find out with our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…