Streaming via illegal websites is spreading at break-neck speed and France is the European champion in this discipline. In addition to the legal aspects, streaming is particularly risky for individuals and companies alike.
On 14 April 2019, the release of the final season of the cult TV series, Game of Thrones, once again provided the opportunity for millions of fans to resort to illegal streaming. When it comes to computer security, the risks of illegal streaming are often underestimated. Closing pop-ups and not downloading false Adobe applications does not make you immune to threats.
Malware is (probably) coming... if you pirated Game of Throneshttps://t.co/nlU7KkOlvX pic.twitter.com/IVGHdmYfBU
— Gizmodo (@Gizmodo) 28 avril 2019
10.5 billion visits on illegal streaming sites in France
As a reminder, streaming, which enables you to listen to and watch programmes online without having to download them is not illegal in itself. Major web platforms, such as YouTube, Deezer, Netflix, etc., use it. However, a vast number of other platforms are providing the public with programmes, films and TV series without permission.
According to the MUSO report published in March 2018, in 2017, France recorded no less than 10.5 billion visits on piracy websites and illegal streaming platforms. Mainland France is therefore the European champion of this fraudulent practice ahead of Germany and the United Kingdom.
Streaming, a key vector in the dissemination of malware
However, beyond a possible fine for receiving stolen goods (up to 1,500 euros), if downloading is involved, the risks for users are not without consequences. By clicking on misleading adverts, the web user is in particular opening themselves up to their terminal being infected by a computer virus (ransomware, trojan, cryptomining, etc.). “Illegal streaming sites are effectively insufficiently protected. Lacking time, resources and awareness of cybersecurity issues, these platforms are the preferred playground for malicious acts”, points out Adrien Brochot, Product Leader Endpoint Security at Stormshield.
You are 28 times more likely to be infected by malicious software when using illegal streaming!
According to a report by the association of internet security professionals, 97% of these platforms would in fact more or less be infected. Furthermore, the warning to users of pirated content from the Federation Against Copyright Theft (FACT), the British agency against audiovisual piracy, is clear: “You are 28 times more likely to be infected by malicious software when using illegal streaming!”
The threat is even greater if streaming is performed by a company employee who uses their business PC to watch an episode of their favourite series via this type of illegal site. You can hardly blame them: who has never used their business computer at home during the evening to watch the rerun of their favourite team’s match? Or even quickly watching an episode during your lunch break? So it is really important to draw attention to the fact that employees are therefore much more likely to make it easy for viruses to infect their company’s servers or networks. This is not without the subsequent damages that we are well aware of.
Highly varied attack mechanisms
Cybercriminal techniques are abundant via illegal streaming sites. You can be exposed to a phishing action by logging on to a streaming site that looks exactly the same as the original site (same design, same typography, similar or even identical connection url, etc.) and that will in fact try to steal your personal data. Similarly, by downloading a free streaming viewing or peer-to-peer application, you could expose your computer to the intrusion of malware or cryptomining software – an action aimed at using the power of a regular computer, which will run without your knowledge, in order to generate cryptocurrency. Big names like Cacaoweb or PopCorn Time have often been singled out and are always the subject of much debate in the cyber community.
Another risk that should not be ignored is the use of a Flash player. The multiple flaws found on this multimedia player are known to enable malicious hackers to infect your computer, before using it to send spam to other internet users, or even steal documents or install ransomware. Now banned from Apple or Microsoft ecosystems, this technology has been replaced with HTML5, WebP or even WebM – deemed to be more secure. And then subsequently, on top of that other vulnerabilities have been discovered…
Even more cunning is the technique of false track that makes you click on a pop-up inciting you to download security software. “The principle is clever” explains Paul Fariello, Security Researcher at Stormshield. “These false error messages lead you to believe that you have a technical problem and incite you to download an antivirus”.
Lastly, there is a fine line between streaming and downloading – some streaming applications even suggest downloading episodes or programmes on your computer. In this case you need to be very careful as very often the files that you are about to install on your computer may contain adware or downloader type programs. In addition to receiving a poorly focused version with unsynchronised sub-titles and almost zero quality, you could be receiving all kinds of malware.
What measures need to be put in place in professional settings?
The business world is therefore not spared from this illegal streaming phenomenon. By watching their programmes on their business computer during working hours, their lunch break or even in the evening at home, employees are exposing their company to a number of risks.
“To limit these risks, installing a UTM (United Threat Management) solution provides a first level of network protection. Based on a firewall, this solution, in particular, provides a URL filtering function that blocks these streaming sites via dynamic classification in the Cloud. In addition, other functions provide further protection against infections disseminated by some of these sites. This is the case of sandboxing that will run programs in a sandbox environment, from the IP reputation, which assigns scores to IP addresses or even traffic reports that analyse bandwidth usage”, advises Julien Paffumi, Product Marketing Manager at Stormshield.
Solutions for protecting against the exploitation of vulnerabilities on browsers are not to be overlooked. “HIPS bricks effectively detect malicious behaviour that becomes normal behaviour expected by employees”, explains Adrien Brochot. However, the best defence is still raising awareness with users, who have to understand that illegal streaming of course constitutes breaking the law, but is above all dangerous.
