Scammers Fraudulently Earning Money with Twitch Botnet
Security firm Symantec says that Twitch botnet malware-for-hire services have appeared which allows scammers to earn money fraudulently through gaming streams.
Symantec has investigated the popular video streaming site Twitch which has exposes cybercriminals who have been hijacking computers of users to add them to botnets which are leased out to synthetically inflate the numbers regarding Twitch channel audience.
Twitch permits subscribers to live-stream their gameplay for renowned online games like Minecraft and DayZ making it a big business: it has 100 million unique viewers annually, 1.5 million broadcasters and claims 16 billion minutes streamed in a month.
Lionel Payet, a Researcher of Symantec, explains that some broadcasters earn money with this kind of popularity while streaming their videos given they have a large enough viewers. If they get more than 500 viewers, they can integrate ads, offer subscriptions in lieu of additional content and set up charity pages.
Payet added that while numerous broadcasters have managed to legally earn their viewers, many others have tried to artificially inflate their figures of viewership by renting a botnet.
Symantec observed that although some scams were conceded partly by paying partakers, Symantec witnessed one Twitch botnet in the wild containing computers which were tainted with malware known as "Trojan.Inflabot."
The payload for Inflabot redirects Internauts to external websites (here for instance, designated Twitch channels) and scammers concealed the risk as a Chrome or Adobe software update to deliver the malware. Symantec found Russia (39%), the U.S. (17%) and UK (12%) as top three countries impacted by Inflabot.
Payet blogged stating that Internauts on Twitch could ultimately be impacted by diverse botnet services targeting other platforms such as gaming networks.
Payet was quoted as saying "Our prior research has shown how criminals hired distributed denial-of-service attacks to compete with gamers offline and this can also be used to attack game stream broadcasters to disturb their channels. Other obtainable malware could be designed to target this business and crown broadcasters. For instance, attackers could target renowned broadcasters with banking or data-stealing threats. They could also use chat services of popular Twitch Channel to spread malware among fans of broadcaster."