A new study has found that as much as 50% of ads on free live-streaming websites lead to malware.
Security researchers at Stony Brook University and KU Leuven-iMinds said that up until now, most of these services have only been analysed from a legal perspective.
No ad to show here.
“In addition to exposing numerous copyright and trademark infringements, we found that clicking on video overlay ads leads users to malware-hosting webpages in 50% of the cases. Most of these pages are made to look like the actual free live-streaming websites,” the researchers said in a press statement.
These ads trick users into believing they need special software to watch the stream, when they’re actually installing malware instead.
Many websites also use ads that feature fake ‘close’ buttons, the team explained. When viewers attempt to click the fake ‘X’, they risk exposure to malware.
What about ad-blockers?
The researchers noted that Google Chrome and Safari are more vulnerable, as attackers tend to target the most popular browsers.
Have an ad-blocking extension installed on your browser? You still aren’t completely safe, as attackers often use scripts in a bid to defeat the most popular ad-blockers, the researchers added.
To conduct their research, the team built a tool to help them identify over 23 000 live-streaming websites, then performing over 850 000 visits. The team then analysed roughly a terabyte of traffic.
“To alert FLIS [free live-streaming service – ed] users to potentially dangerous pages, the researchers have engineered an accurate and effective classifier. The tool can also help security analysts find and report unknown FLIS pages to curb copyright and trademark infringements. In a later stage, the classifier will be made publicly available for research purposes.”