A third of content sites contain malware, 45 percent of which was delivered by drive-by downloads, a recently released report found.
Acknowledging that content theft has long been a menace, the study, "Digital Bait," commissioned by the Digital Citizens Alliance and conducted by RiskIQ showed that bad actors are using stolen content as a means to “bait mainstream consumers” thereby uncovering “an effective means to hack into millions of computers.”
Thieves have incentive to bait users, steal personal information and commandeer control of their computers—bad actors make about $70 million annually “peddling malware.” But Digital Citizens contended that their business model has changed, focusing on consumers. “Historically, they have profited by taking money out of the pockets of content creators,” the report noted. “Now, content thieves have created another stream of revenue that comes from the spread of malicious materials to the computers of unsuspecting consumers.”
The study, which examined 800 sites that distributed stolen movies and TV shows, found consumers were “28 times more likely to get malware from a content theft site than on similarly visited mainstream websites or licensed content providers.”
Once attackers make their way into a computer, the report found they use it for a number of schemes, including the theft of bank and credit card information, identity theft and demanding ransom after locking the user's computer.