This week security researcher Gabor Szathmari published a report claiming that over 99% of torrent proxies contained malware or other hidden surprises that could seriously impact visitor’s systems.
Torrent sites have been receiving negative press around the world with Europe becoming a hotbed of ISP wide blocks generally handed down by local courts. The UK leading the way is no stranger to such blocks and it is unusual for a month to go by without another batch of torrent websites being added to the ever growing list.
Austria has become the latest country to block the popular torrent site The Pirate Bay with rumour that Australia will be next in line to add the famous torrent site to its permanently banned list.
Torrent Proxies everywhere
With torrent sites being blocked more than ever and also being some of the most popular sites worldwide, a recent phenomenon has evolved with Torrent Proxies springing up like the offspring of rabbits. The internet is now saturated with Torrent Proxies that serve the basic function of allowing blocked torrent sites to be indirectly accessed via a third party website.
Torrent Proxies have become the solution of many to access sites otherwise blocked in their country, not only are they easy to use but they’re also everyone’s favourite price, free.
Security researcher Sazthmari tested over 6000 of these free torrent proxies to see how many of them solely serve up the torrent site versus how many add in hidden extras such as malware and other nasty surprises. Unfortunately for users of such proxies Sazthmari found that 99.7% of all the sites he tested added some form of injection or hidden script leaving just 0.03% that are “clean”.
What this means for you as an end user is when using a free torrent proxy not only are you receiving the torrent site but there are also extras being injected into the session which could include adverts that contain malware or other junk that puts your system at risk.
The security researcher discovered that most sites that are adding in extra nasties didn’t stop at 1 extra but had on average 4 or 5 extra scripts injected into the session.
What’s being injected in YOUR browsing session
While not all these injections were malicious in nature and in some cases they contained only google adverts as a way to earn the torrent proxy provider revenue others were of a more serious nature and contained “drive-by downloads” and “exploits”.
Szathmari carried out the test by examining the source code of popular torrent sites such as The Pirate Bay versus the same site accessed through a torrent proxy to discover if any additional code had been introduced through the script portion of the site.
As part of his research he investigated certain sites more in-depth and found he was hit rather quickly with false video codecs and fake update notices for add-ons such as Flash all of which resulted positive when uploaded to virus scanning websites for nasties such as malware.
Although it couldn’t get much more serious than downloading malware to your computer the researcher also found that in the background of his browsing session his system was being used to take part in click-fraud which in turn was generating fake views for “some car racing videos” of which again the owner of the torrent proxy would be getting paid.
Szathmari summarised his findings in an interview with TorrentFreak in which he recommends that if a website is blocked by an ISP then using a reputable VPN provider such as the ones listed by ourselves like IPVanish, VPN.ac, LiquidVPN and many of those found in our VPN Comparison Guide to be the safest solution.
While there are some good users offering Torrent Proxies that do not contain malware with such high percentages as discovered it is almost certain that using a Torrent Proxy is like playing Russian roulette with the safety of your computer and with odds that are stacked highly against you it isn’t worth the risk.
Image courtesy of mapichai at FreeDigitalPhotos.net