The study found that the more time users
spent on pirate sites the higher the likelihood that some type of malware would
compromise their computers.
It is hardly a surprise to learn that
navigating to pirate websites entails a higher risk of running into malware.
But a researcher from Carnegie Mellon University in Pennsylvania, US, set out
to quantify the risk that this ‘free lunch’ involves in a real-world setting.
Having observed the online activities of 253
people throughout 2016, Professor Rahul Telang concluded in a
newly-released paper that the more time the users spent on piracy
sites the higher the likelihood that some type of malware
would compromise their computers.
Specifically, every doubling of the amount of
time that the users spent on various illegal torrent and streaming sites
resulted in a 20-percent increase in malware count on their computers,
according to the paper entitled “Does Online Piracy Make Computers Insecure?
Evidence from Panel Data”.
Put differently, a 100-percent rise in the
time spent on pirate websites increased “the number of malware count by almost
0.05 units”. On average, the visitors of dodgy sites ran into what amounts to
0.24 of a piece of malware per month.
The higher incidence of malware delivery
remained unchanged regardless of whether or not adware was
included in the equation. “In short, whether we include total malware count or
malware count without adware, we find that time spent on infringing sites
increases the malware count by almost 20 percent,” reads the study.
Many sites that provide access to pirated
content rely on adverts for revenue. However, this may expose visitors to malicious
advertising, or ‘malvertising’,
in which ads are conduits for a broad range of cyber-threats.
The paper’s classification of files as either
benign or malicious relied on the multiscanner site VirusTotal. The paper
notes, however, that its measure of malware “is probably an undercount of the
actual number of malware files found on user machines since virustotal is not
able to identify all malware signatures”.
Another finding gleaned from the study is the
fact that people who visit pirate websites are no more likely to take extra
precautions by installing anti-malware software. The installation rate for such
software was roughly 60 percent for both groups, which were called “infringers”
and “non-infringers” in the study. Meanwhile, the infringers were found to
spend much more time browsing the internet in general.
To conduct the research, the users’ home
computers were fitted with background sensors that captured their browsing data
in a discreet manner. The data shed light on a number of parameters – what
websites the users visited, if they had anti-malware software or firewalls
installed, whether they downloaded any files from sites that make pirated
content available, and whether any evidence of malware intrusion into their
systems was found.