Sports Fans Take Huge Security Risks With Illegal Streams

Authors of the “first ever” empirical study into the security risks of online sports streaming suggest one in two sites serve up malicious adverts

Sports fans who watch events using illegal online streams are exposing their PCs and mobiles to serious security risks, according to the authors of the “first empirical study of free live streaming services.”

Such streams are popular among those who don’t subscribe to pay TV channels like Sky Sports, or are in countries where an event is not being broadcast locally. For example, a business traveller in France might have to use an unofficial stream to watch an England cricket match.

The legal implications and the potential loss of revenue to broadcasters and sports organisations are well documented, with authorities in the UK ordering ISPs to block a number of websites that share links to streams.

But Zubair Rafique, Tom Van Goethem, Wouter Joosen, Christophe Huygens and Nick Nikiforakis say there has been no comprehensive study about the security implications until now.

Free streaming ecosystem

The creators of these streams and the websites that link to them monetise this user base through aggressive advertising, most of which is deceptive, and according to the report’s findings, half of which is malicious.

“This was not a surprise for us since the nature of ads that we encountered when considering this project was also mostly malicious and is what prompted us to conduct this study,” said the authors, who created a system which used search engines to identify streaming sites and inspected network traffic to find media servers.

It found 23,000 webpages connected to 5,685 domains and made more than 850,000 visits, creating 1 terabyte of data on the free streaming ecosystem.

Sixty-four percent of these sites had been reported at least once for copyright infringement and 60 percent were located in Belize, the Netherlands, Sweden and Canada. Up to seven percent used the logos of legitimate broadcasters in a bid to attract more hits.

Malicious advertising

Analysis showed that 93 percent of the video players on these pages were “stuffed” with overlay ads hiding more than 80 percent of the page. Tricks such as fake close buttons are used to encourage clicks on the dodgy ads, some of which display false law enforcement notices while others try to install malware, extensions or fake video plug-ins.

Some sites tailor their advertising depending on the browser being used. For example, Chrome and Safari users will see more malware-centric overlay ads, whereas Internet Explorer and Firefox users are shown more scams.

Concerns about security have partly fuelled the popularity of ad blockers, particularly as a number of adult sites and others have been targeted by malvertising attacks in recent times. However, those attacks were caused by attackers infiltrating popular ad networks with malicious creatives, whereas the creators of streaming sites are deliberately serving up malicious ads.

Deliberately deceptive

Around 16 percent of the sites analysed by the researchers employed scripts that attempted to combat ad blocking software.

“From the prevalence of discovered abuse, it is evident that the [streaming] parties are more inclined towards malicious advertisers to monetize their operations, exposing their users to malware-laden domains, fraudulent scams, and adult content,” said the report.

“Overall, these practices, along with the frequent accusation of copyright infringement, clearly show that [streaming] services are inclined towards intrusive and malicious monetization schemes, at the expense of user security.”
