It's Free for a Reason: Security Risks of Live Streaming

(Reprinted from WIRED June 15, 2016)

Half of all illegal sports livestreams show malicious ads

Illegal streams pose a major security risk, exposing people to malware, data theft and financial scams

Watch sports on free livestreaming websites? Bad news: there's a 50 per cent chance those overlay ads are malicious.

Analysis of more than 23,000 free streaming websites revealed that, perhaps unsurprisingly, the illegal streams posed a major security risk, exposing people to malware, data theft and financial scams.

Researchers from KU Leuven in Belgium and Stony Brook University in the US used a semi-automated tool to identify and analyse livestreaming sites. The 23,000 sites found corresponded to 5,600 domain names, 20 per cent of which were in Alexa's top 100,000 websites.

The semi-automated system then visited these sites 850,000 times and analysed more than one terabyte of resulting traffic. From those visits, as many as half of the adverts turned out to be malicious.

“It’s a public secret that the [free livestreaming] ecosystem is not averse to using deceptive techniques to make money from the millions of users who use their services,” said Nick Nikiforakis, assistant professor from the department of computer science at Stony Brook University.

Many overlay adverts on livestreaming sports sites have fake close buttons, or close buttons that move when a mouse is hovered over them. This deception puts users at further risk of exposure to malware.

“In addition to exposing numerous copyright and trademark infringements, we found that clicking on video overlay ads leads users to malware-hosting webpages in 50 per cent of the cases,” said Zubair Rafique, a PhD student in computer science at KU Leuven who worked on the project.

Rafique explained that many of the malicious websites were designed to look identical to actual free livestreaming sites. “Users are tricked into believing they need special software to watch the livestream,” he said. Google Chrome and Safari were more vulnerable to the approach because attacks target the most popular web browsers, according to Rafique.

Copyright holders have engaged in a running battle with illegal streaming services for years, but with little success. While major streaming sites have been shut down, replacements appear almost instantly. In the UK, rights holders have turned to the courts to force internet service providers to block hundreds of popular livestreaming and torrenting sites.

In December 2015 alone, 85 copyright-infringing sites were blocked following an order from the High Court. While most of the sites blocked were torrent sites, livestreaming has also been targeted.

According to the Premier League, around one million people watch illegal livestreams of its football fixtures every week. In February, The Times reported that league officials were working with security firms to try and come up with a more effective way of blocking illegal livestreams.
