Security News 50% of ads on free livestreaming websites are malicious

[frogboy]

Millions of people use free livestreaming websites to watch sports and other live events online, but this comes with a considerable security risk. Researchers from KU Leuven-iMinds and Stony Brook University have found that viewers are often exposed to malware infections, personal data theft, and scams.

Many users of free livestreaming websites may be aware that the video content on these websites is typically streamed without the content owner’s consent. What they often underestimate, however, is the security risk that comes with watching these videos. Users may get their personal devices infected with malware, or they may be the victim of personal data theft and financial scams.

“Until now, free livestreaming services (FLIS) have mostly been analysed from a legal perspective. Our study is the first to quantify the security risk of using these services,” explains M. Zubair Rafique (KU Leuven Department of Computer Science / iMinds). “We have assessed the impact of free livestreaming services on users. We also exposed the infrastructure of the FLIS ecosystem.”

Full Article. 50% of ads on free livestreaming websites are malicious - Help Net Security

 

[OC-Rat11]

This is an interesting article. I read this last night on another website. I'm one of those guys that accesses those sites. It's amazing how many of those popups you get. Most of them are for bogus flash updates.

Whenever I do visit them, I always do it via sandboxie. I would never visit those sites "naked". And I don't mean just having antivirus. I mean going VM or sandboxing it.

I know some guys that do it while at work going in bare without a sandbox or VM. Can you imagine people doing that on their work network?

 

[OC-Rat11]

To add to the OP article:

“Our analysis reveal that one out of two ad websites, presented to the FLIS service users, is malicious in nature, offering malware (zero-day in one case), showing fake law enforcement messages to collect purported fines, and luring users to install malicious browser extensions."

"Nearly a quarter of sites in the study were hosted on servers in Belize. The researchers found that more than 60 percent of the streams originate from five companies located in Switzerland, the Netherlands, Sweden, Canada, and Belize."

"During their experiment with overlays ads, the researchers downloaded 12,683 malware payloads, which they checked against the Google’s Virus Total database. In total, they identified 1,353 unique binaries."

Free sports live-streams riddled with malicious adverts

 

[Windows_Security]

Netherlands KU Leuven

LOL Katholic University Leuven is in Belgium, calling a Belgium - Dutch is as insulting as calling Canadians - Americans, Kiwi's - Aussies, Irish- English, Peruvians - Chileans, Austrians - German, etc

 

[Der.Reisende]

Superb share @frogboy!
Really interesting, shocking, but on the other hand, predictable, nothing comes for free.

Also, very good Input @OC-Rat11 regarding both additional reading and risk mitigation.

 

[jamescv7]

One of the reason to have adblocker which does not really mean to kill the advertisement industry. Many became abusive hence computers are compromised.

Developers tends not to focus and analyze those advertisers but rather expect more revenues without any discretion.

 

[conceptualclarity]

Many thanks, frogboy.

“It’s a public secret that the FLIS ecosystem is not averse to using deceptive techniques to make money from the millions of users who use their services to watch live (sport) events,” says Nick Nikiforakis (Stony Brook University). “One example is the use of malicious overlay ads, which cover the video player with fake ‘close’ buttons. When users click these buttons, they risk being exposed to malware.”

Yikes, that's awful! I hate overlay ads, and I've clicked on their "X"s many times to get rid of them.

Are you likely to encounter malvertising from overlay ads on YouTube?

This is an interesting article. I read this last night on another website. I'm one of those guys that accesses those sites. It's amazing how many of those popups you get. Most of them are for bogus flash updates.

Whenever I do visit them, I always do it via sandboxie. I would never visit those sites "naked". And I don't mean just having antivirus. I mean going VM or sandboxing it.

What is the simplest, easiest program with a short learning curve to bring up for this purpose?

One of the reason to have adblocker which does not really mean to kill the advertisement industry. Many became abusive hence computers are compromised.

I have been thinking not to use ad-blockers in the future out of my concern for their effect on free websites, like this one. Is there a way to configure Adguard or UBlock Origin or other ad-blockers to only block threats like these or only overlay ads?

 

[DardiM]

From a positive perspective, 50 % of ads on free live streaming websites are NOT malicious

@conceptualclarity :
With uBlock Origin, in the first window, you have for example : an element selector (to select the part to block), and at the bottom the possibility to activate / dis-activate popups, media, aesthetic filtering, remote handwriting font.
In the uBlock Origin dashboard, you have also a lot of options (parameters, filters, etc...)

 

[frogboy]

@DardiM so very true and a good perspective to look at it from.

 

[JM Safe]

Thanks for this news @frogboy

 

[jamescv7]

@conceptualclarity: Yes in Ublock Origin it is possible, you can select any elements on a website that will only block specifically.

The suggestion has been mentioned by @DardiM.

 

[conceptualclarity]

Thanks, fellows.

This is an interesting article. I read this last night on another website. I'm one of those guys that accesses those sites. It's amazing how many of those popups you get. Most of them are for bogus flash updates.

Whenever I do visit them, I always do it via sandboxie. I would never visit those sites "naked". And I don't mean just having antivirus. I mean going VM or sandboxing it.

Anybody have suggestions on the simplest, easiest program with a short learning curve to bring up for this purpose? I once tried Sandboxie on this old computer, and it just immediately froze Pale Moon and wouldn't let go till I removed it.

 

[frogboy]

Thanks, fellows.



Anybody have suggestions on the simplest, easiest program with a short learning curve to bring up for this purpose? I once tried Sandboxie on this old computer, and it just immediately froze Pale Moon and wouldn't let go till I removed it.

A @jamescv7 uBlock Origin should do the trick for you.