Technologies providing copyright-infringing IPTV content are commonly used as an illegal alternative to legal IPTV subscriptions and services, as they usually have lower monetary costs and can be more convenient for users who follow content from different sources. These infringing IPTV technologies may include websites, software, software add-ons, and physical set-top boxes. Due to the free or low cost of illegal IPTV technologies, illicit IPTV content providers will often resort to intrusive advertising, scams, and the distribution of malware to increase their revenue. We developed an automated solution for collecting and analysing malware from illegal IPTV technologies and used it to analyse a sample of illicit IPTV websites, application (app) stores, and software. Our results show that our IPTV Technologies Malware Analysis Framework (IITMAF) classified 32 of the 60 sample URLs tested as malicious compared to running the same test using publicly available online antivirus solutions, which only detected 23 of the 60 sample URLs as malicious. Moreover, the IITMAF also detected malicious URLs and files from 31 of the sample’s websites, one of which had reported ransomware behaviour.
Read full abstract