by Don Groves — 27 October 2020
For many years, the Washington-based, consumer-focused Digital Citizens Alliance (DCA) group has undertaken research into cyber safety concerns to raise awareness about how to make the internet safer. Some of their work has been in pharmaceuticals, online gambling, education and the dark web. But several studies have examined the alarming connection between hackers and online pirate websites that infect computers and other devices.
As far back as 2015, the DCA revealed how the Pirate Bay exposed 12 million computers to malware every month, prompting Executive Director Tom Galvin to say,“Movies are digital bait. Pirate sites have always stolen from content creators by making shows available for free, but now they’re stealing from people who download those shows, as well.”
In 2019, they uncovered the massive revenues generated by illegal IPTV services offering pirated content and how, to generate more revenue, pirates partner with hackers “to install malware within free apps that expose consumers to risk of theft of their personal and financial data, cryptocurrency mining, adware, ransomware, and botnets using computers to perform distributed denial-of-service attacks”.
Digital Citizens Alliance recently released a new study into How Website Speculators and Registrars Trade Internet Safety to Profit. The report demonstrates that dozens of Internet domain names have been used by criminals seeking to exploit innocent people during the global coronavirus pandemic, according to a new report.
A three-month investigation by DCA found little or no effort is being made to police domains that are involved in COVID-19 scams, sex trafficking, dangerous drugs and price gouging.
Scammers are using these websites to disseminate false information about the pandemic that could result in identity theft and the distribution of fake or unauthorized medications, according to the report entitled Domains of Danger.
Between May and July, DCA investigators were easily able to purchase coronavirus-related domains such as Freecoronavaccine.net, Bleachcoronaviruscure.com, Freecure.org and Buycovidcure.net.
In one instance, an agent for the site DomainAgents offered to broker the sale of the domain name coronavaccine.com to DCA even after the researchers made it clear they wanted the domain to sell a non-existent cure.
When they attempted to purchase daterapedrug.com they were told it would cost $US4,745. Instead, they were able to purchase date-rape-drug.com from Namecheap, a domain registrar accused of sponsoring malicious domains.
The DCA said: “These results reflect an industry, much like dominant online platforms, that is basing its sketchy dealings on what it can do, rather than what it should do to foster a healthy Internet. And much like the platforms that ignored public sentiment and policymaker concern over behaviour that put profits over consumer safety, the domain industry may regret it.”
The study also delved into the murky world of website speculators who snap up potentially valuable domain names and sell them at a premium, often with little or no public benefit.
“Domain name registrars should not allow cybercriminals and online scammers to register provocative domain names used to lure people to their sites,” Democrat Senator Mazie Hirono told The Washington Post in response to the report.
“Too many of these companies put their heads in the sand while criminals use their services to prey on the public, even when criminal intent is clear in the domain name itself. Domain name registrars need to take responsibility and stop enabling scams perpetrated on the public.”
Even though the US Federal Trade Commission has received more than 170,000 consumer complaints with losses of more than $US90 million, these sites continue to offer everything from miracle cures to fake masks and false coronavirus relief checks.
“The domain industry has always had an underbelly,” said Galvin. “But over the last decade as the Internet has taken a dark turn, those with the most to gain from a booming market – website arbitragers, registrars, and domain agents – have increasingly let bad actors have their run at domain names designed to scam, harm, and worse.”
While content piracy is not the focus of this new report, there are strong echoes of the cyber security risks users face when accessing illegal online content and of the reluctance of many online platforms and services that profit from such activity to take positive steps to protect consumers.
To read the full report go here: https://www.digitalcitizensalliance.org/clientuploads/directory/Reports/DCA-DOMAINS-OF-DANGER.pdf
Don Groves reports on the Australian and APAC screen industries for If Magazine and C21 Media after working for Variety for 24 years.