What is the Most Dangerous Pirate Content to Download?

[Matrix]

 

While many users are attracted to the lure of free content, piracy sites that allow user uploads always carry the risk of a download not being what it claims to be. So what are the most dangerous downloads and should people risk them? It's a question of balances but for the novice, abstinence is the safest all-round solution.

 

 

Over the past couple of years, anti-piracy strategies have taken an interesting turn.

 

Where once people were asked to “think of the creators”, they’re now more likely to be told that visiting a pirate site is akin to Russian roulette and just a step away from digital doomsday.

 

If that strategy had worked, piracy would be a thing of the past. As things stand, most people simply ignore the scaremongering, instead preferring to employ a more measured response.

 

The concerning thing about these campaigns is that while anti-piracy groups have a job to do, they should consider how insincere the messages sound. Genuine concern would be accompanied by helpful advice to avoid trouble but that’s never going to happen because user safety isn’t the big issue here, reducing piracy is.

 

Not to say that any of this is fundamentally wrong. Business is business after all. But what is really interesting is that the companies making the most noise about supposed malware don’t have a product through which it is easily spread.

 

Video formats used to shift movies, TV shows and live sports aren’t known for delivering malware – software is – and software companies rarely if ever issue stark warnings about malicious payloads. All things considered, perhaps they should.

Downloading Software is Indeed Russian Roulette

While there are sites and forums containing curated material that has a much lower chance of infecting the user, the same cannot be said about many public torrent sites and similar platforms. If a site allows users to upload files and doesn’t moderate uploads 24/7/365, there is a not insignificant chance that there will be viruses and malware ready to pounce.

 

The screenshot below was taken on The Pirate Bay on Wednesday. To novice users, there’s little to arouse suspicion but for those who have been around for a while, this is a disaster zone.

 

 

What we have here is a range of software and games that would’ve ordinarily appeared in isolation, scattered around TPB indexes. The reason they’re here in one list is that they were all uploaded by the same user so, for illustration purposes, we grouped them together. They are not so easily noticed on the site itself when unsorted.

The Signs Aren’t Hard to Spot – At Least With a Little Patience

There are many observations one can make just from the list above. The most obvious is that the uploads are all exactly the same size, meaning that whatever malware lies beneath is identical for all files. This is a big red flag that can be easily spotted by checking other uploads made by the same user as they tend to upload in bulk.

 

The second is the filesizes themselves. People who spread malware often like to get their poison out there as quickly as possible so the smaller the download, the more likely it is that inexperienced users will download the file. What is needed here, however, is a little bit of common sense and a pause for thought.

 

In the screenshot above, Song of Horror Complete Edition and Trine 4: The Nightmare Prince are not going to arrive in tiny 14MB packages. However, despite that obvious issue, more than 350 people had downloaded each ‘game’ at the time of checking. That’s certainly not good for the users but it’s fair to say that other problems are less easily spotted using the filesize rule.

 

Even in its official form, WinRAR is a very small download of just 3MB so given that the package being offered above supposedly contains a key generator too, a few extra megabytes isn’t particularly shocking. However, the ridiculous thing here is that not only is it the most popular download on the list, but WinRAR is essentially free forever, downloadable from the official platform. And that version doesn’t come with a virus either.

Downloads Don’t Have to Be Small to Be Dangerous

One of the attractions for downloaders is that they can get expensive software for free. This includes copies of Windows, Microsoft Office and various top-tier Adobe products, to name a few. In many cases it’s possible to seek out ‘safe’ copies of these tools on pirate sites but in reality, this is a game for the experienced – or the lucky.

 

Novice pirates can often download exactly what they wanted with little trouble but there are always risks and with limited knowledge to fall back on, they are not always apparent.

 

This problem is amplified among the often younger audiences seeking out pirated games and the associated cracks. With tunnel vision at the prospect of getting the latest AAA title for free, people take risks fueled by emotion and after a 50GB download, security isn’t as high on the agenda as it should be.

Software and Games Are the Riskiest Content, Period

Unlike formats such as MP4 and MP3, which are widely used to distribute video and audio via pirate sites and require a third-party player to consume, executable files (.exe, for example) gain direct access to a user’s computer. While this might take place to install a game or software application, it is trivial for this process to install viruses and malware.

 

Sure, users can take defensive measures such as having a decent up-to-date anti-virus and/or anti-malware tool activated but in some cases, pirate downloads actually instruct users to turn off their protection if the game/software doesn’t install properly. This is often due to anti-virus tools detecting cracks as PUPs (Potentially Unwanted Program), thereby preventing them from running.

 

Fairly obviously, this also provides the perfect free-for-all environment to install something nasty as well or instead, turning the dream of expensive software or gaming heaven into an immediate security nightmare, thanks to the overly-trusting nature of the user.

It’s Really a Question of Trade-Offs

There will be no shortage of readers who have never had a problem with pirated software/games and also some who simply believe they haven’t. That being said, software and videogame piracy has always been a trade-off between saving money, avoiding DRM and, at least potentially, facing the prospect of machine that won’t boot or worse still, stubbornly boots every time while doing its evil work.

 

Personally speaking, I’d rather use Open Office and GIMP than pirate copies of MS Office and Photoshop. When it comes to games, waiting a few months for a significantly cheaper price isn’t a problem since there’s no craving for the latest titles on launch. And for me, a free copy of Z-Zip is always preferred to a suspect copy of WinRAR downloaded from anywhere.

 

Then again, I absolutely must have my PC in perfect working order every single day and the risk of malware or viruses never trumps that. The bottom line is that if anyone needs a completely stress-free and risk-averse computing life, installing software from unvetted sources always has the potential to undermine that.

 

Of course, the technically skilled out there will be shouting that it’s all really quite simple and malware is mostly easy to avoid and they would be right. However, balance that confidence against the years it’s taken to amass the relevant knowledge and it’s clear that a significant investment is involved.

 

For novices that don’t have that time, open-source software and paying for something every now and again can be the cheaper and safer option.

 

  Source

[lurch234]

This should be pinned!

[Marcus Thunder]

34 minutes ago, Mach1 said:

 

 

It is scary how these files have lots of seeders, makes me wonder about the percentage of computers in the world that are infested with viruses.

40 minutes ago, Mach1 said:

executable files (.exe, for example) gain direct access to a user’s computer

I think virus scanning may not be enough in some cases, if you like to test executables you should use a virtual environment especially if it instructs you to turn off your antivirus (though it would be ridiculous to extract a repack in a virtual machine) or make sure to read the comments of users who tested it (Warning: In public torrent sites comments might be misleading). Usually downloads released by teams as PLAZA in the picture above can be trusted but unfortunately that rule does not apply to public torrents.

Do not download apps or video games except from a trusted site released with nfo, md5 hashes, release dates.... In General, be very obsessive about exe files, if you plugin for example a usb device in an infected system there is a good chance that all your installers will be destroyed for good and used to propagate the virus.

[Matrix]

1 hour ago, lurch234 said:

This should be pinned!

 

Thank you my friend but pinning News articles is not something that's been done before and I guess for good reason but thanks all the same.

[Marik]

I remember there used to be or is still a site which acted similar to virustotal but went above and beyond and also acted like a sandbox, detailing where and what files get installed as well as pointing out registry entries and application behavior, which allowed one to see if it would make changes to host files or files in general.

 

If anyone can recall the name of said site that would be fantastic.

[zanderthunder]

 

1 hour ago, Marik said:

I remember there used to be or is still a site which acted similar to virustotal but went above and beyond and also acted like a sandbox, detailing where and what files get installed as well as pointing out registry entries and application behavior, which allowed one to see if it would make changes to host files or files in general.

 

If anyone can recall the name of said site that would be fantastic.

 

Something like this one?

https://any.run

because what you are talking about, is referring to online sandbox analysis service.

[B0xx]

Or https://www.hybrid-analysis.com/

[lurch234]

3 hours ago, Marcus Thunder said:

Usually downloads released by teams as PLAZA in the picture above can be trusted but unfortunately that rule does not apply to public torrents.

 

Right you are my friend. My first infection (out  of two) was with a keygen from embrace. It was an old version of Nero I got from The Pirate Bay. Someone tampered with the keygen.

Fortunately the crap we got in those days were less disastrous then what we have today. I got some self replicating bug that started slowing down my system. I had just enough time to enable a restore point before it froze over.

 

Quote

Do not download apps or video games except from a trusted site released with nfo, md5 hashes, release dates....

 

Including the uploader himself. Over the years I have come to trust a few uploaders over at Warez-BB. Messaged some of them too. One of them was a member of Core-Pack and is a super moderator.

[Marik]

10 hours ago, zanderthunder said:

 

 

Something like this one?

https://any.run

because what you are talking about, is referring to online sandbox analysis service.

Had to search through the bookmarks but finally found it.

 

It was threatexpert, but I see that it's not around anymore.

[straycat19]

18 hours ago, Marik said:

Had to search through the bookmarks but finally found it.

 

It was threatexpert, but I see that it's not around anymore.

 

but they still have their blog up

http://blog.threatexpert.com/

 

[Nuclear Fallout]

Information for which either States or individuals would issue a termination order.

[JohnMarston]

That is why everyday I am grateful to the wonderful community here at nsane. Much of the risk falling victim from shady downloads is being eliminated and many times one can learn a lot from other users' experiences and recommendations.

[spudboy]

What is the Most Dangerous Pirate Content to Download?

 

tl;dr answer - Everything on every public tracker.

[jramon2566]

On 7/25/2020 at 7:25 AM, Mach1 said:

For novices that don’t have that time, open-source software and paying for something every now and again can be the cheaper and safer option.

which is also no guarantee that they will not be infected by viruses, Trojans or hackers.

Since the use of computers and the Internet is like entering a hospital of COVID19 patients without protection ... 😷😷