When the new season of HBO’s “Game of Thrones” premieres next month it will almost certainly become one of the most illegally downloaded shows of all time. The problem is that many viewers who torrent the hit show from the Pirate Bay, for instance, won’t just be catching up with the Lannisters, they’ll also be downloading malware that makes it possible for hackers and anti-piracy enforcers to access their computer.
The Pirate Bay spent the last decade exemplifying the risks, and rewards, that come with using BitTorrent protocol to steal movies, TV shows and music. The Swedish site managed to stay one step ahead of law enforcement and international copyright enforcers while making it possible to download a massive database of media content before it was shut down in November. Even in death, though, zombie versions of the site are using the Pirate Bay brand to trick users into providing their personal information and downloading Trojan viruses.
(Readers are advised to avoid visiting any of the websites mentioned in this article.)
Take thepiratebay.ee, for example. The mirror site sprung up after the Pirate Bay’s demise, initially making itself available only after users agreed to pay for a subscription. When that plan failed thepiratebay.ee began to inundate visitors with popup ads asking them to update their system settings by downloading a media player that, while appearing legitimate, infected the would-be pirate with malicious software that gives hackers access to their data.
Not that any of this risk is unique to the Pirate Bay, which even in its heyday hosted skeevy ads that linked to nefarious content. Security researchers have consistently found that piracy sites, which already thrive on illegal content, reap much of their revenue by hosting content that legitimate sites have no interest in. One study conducted last year by the media industry-backed firm Incopro found that, of the 30 most visited piracy sites, 29 included links to unwanted software or credit card scams.
“These users exploit the popularity of the BitTorrent system in order to rapidly propagate malware among thousands of users,” stated an unrelated study into the proliferation of fake torrent files, conducted by the University of Madrid. “The content has the standard size of a DivX movie, and even sometimes includes a second small file with a real sample of the movie…When the movie is finally reproduced…a popup window appears requesting to install now codecs along with an url link from where these codecs can be downloaded. Of course, the file including those pretended codecs is reported as a malware by security and anti-virus software.”
The real problem is that, in order to download a torrent file, a user has no choice but to download it from multiple unknown sources. There’s no way to know for sure if a file was posted by a trustworthy source, hackers or, by an anti-piracy organization hoping to trick users into downloading bait torrents.
Copyright enforcers have been playing catchup with the piracy for community for years on this issue, starting when emails leaked in 2007 revealed that a multitude of companies have popped up with the sole purpose of disrupting peer-to-peer downloads.
For example, a company might upload a file titled “TheImitationGame.2014.DVDRip.” As the file starts to become popular, the anti-piracy firm logs each of the IP addresses connecting to that file. Of those users, the lucky ones might receive an email from their Internet Service Provider advising them to avoid copyright infringement, while the rest could find themselves on the wrong end of a major lawsuit.
Emails leaked as part of the widespread hack on Sony Pictures revealed that this method of enforcement, known as torrent poisoning, is still a matter of debate at the major Hollywood studios. Executives suggested uploading a snippet of the popular show “Hannibal,” only to be shot down for fear of complicating future lawsuits from the Motion Picture Association of America.
“Personally, I love this…unfortunately the studio position is that we absolutely cannot post content (even promos) on torrent sites,” wrote Pamela Parker, a senior executive who oversees Sony’s international TV distribution, as quoted by Motherboard. “The studio spends millions of dollars fighting piracy and it doesn’t send a good message if we then start using those same pirate sites to promote our shows.”
So why, even with all this knowledge and with the widespread availability of inexpensive streaming services like Netflix and Spotify, would someone still download content illegally? Not only is it possible to pirate movies and music with minimal risk, but economists say it’s a simple matter of risk vs. reward. When there are so many files online, the likelihood that one user will be either busted or impacted by malware remains relatively small.
“It’s not as though there’s a panacea for content owners because their perspective is that piracy always lingers,” said Joel Waldfogel, a professor of applied economics at the University of Minnesota who has done extensive research on digital piracy. “When there’s an inexpensive and convenient way to get stuff for free people, tend to not pirate.”