Belgian and American researchers report that 50% of overlay advertisements on free live streaming sites are malicious. The researchers developed a tool that allowed them to identity live streaming sites. The sites were automatically visited and the data stream generated by these sites was analyzed.
No specifics on the visited websites are reported, other than that in total 23,000 sites were analyzed of which 20% is listed in the Alexa top 100,000 of most popular sites. The researchers monitored data from these sites by visiting them 850.000 times, resulting in a data set of more than 1 TB.
By analyzing that data the researchers found that many of the sites infringe on copyrights and trademarks and that many videos contain overlay advertisements. About 50% of these intrusive advertisements direct users to websites serving malware. These websites are often made in such a way that they resemble free live stream websites.
This is done to trick users into installing malware by showing an message alerting the user that additional software has to be downloaded to view the live stream.
“Chrome and Safari can be more easily abused for this than other browsers”, according to head researcher Zubair Rafique. “This is likely because attackers focus on the most popular browsers”, he added.
The researchers also found that many free live streaming services also use anti-adblock scripts that try to detect and disable popular adblockers.