Hass and Associates Cyber Security: Botnets inflate Twitch viewership

With the boom in online streaming these days, it is only to be expected that people will get creative and game the system to earn more money. In the case of streaming site Twitch, known for its community of gamers, it appears that some broadcasters are using botnet-for-hire services to illegally get those "millions" of viewers.

IT security company Symantec released a report last week stating that some websites are openly advertising services that can generate large numbers of viewers on Twitch as well as on other streaming websites. One of the services identified claims to generate 5 separate streams from a single infected PC, with all the streams muted and hidden. Add-ons to such services can also include automated chats that are programmed to send in comments during the live stream like normal users.

A botnet is made up of internet-connected PCs that are used to carry out a task, so practically any PC can be used for this purpose even without the owner knowing. A PC can be hijacked to covertly perform a task for the attacker in the background while still functioning as it normally would, which lowers the possibility of discovery. In addition, Hass and Associates Cyber Security found that botnets could replicate automatically to other legitimate viewers through links in the chat of a stream, for instance. The malware could also disguise itself as an update from Google or Adobe to infect a PC.

According to Twitch's report in January, its stats for 2014 include 10,000 partnered channels, 100 million unique viewers every month and 1 million concurrent viewers. While there are partner channels that operate legitimately, others are fraudulently boosting their viewership numbers in order to become a partner. That is no surprise, since becoming a Twitch partner comes with advantages like pre-stream ads and the ability to receive donations.

To qualify, however, a channel has to maintain a consistent average of 500 viewers. That is where the botnet-for-hire comes in. Different packages are offered, with options to gain followers, chatters and live viewers courtesy of bots. One of the service providers claims to give you 40 chatters and 100 viewers for as little as USD 30.

Lionel Payet of Symantec said, "While many broadcasters stream their gameplay online as a hobby, some have managed to turn it into a well-paid full time job. Over the past few years, this business model has grown sharply, so it's unsurprising that scammers are piggybacking on the industry in a parallel underground economy."

A connection between this discovery of botnet use and the security breach last week where stream keys, IP information and user credentials were compromised has yet to be proven, according to Hass and Associates Cyber Security. But as Payet puts it, "If a user's computer is compromised by any malware, then their info is always exposed."

Meanwhile, Twitch has responded with a statement from its Vice President of Marketing: "These illegal services are a long-standing issue that is not unique to Twitch. We detect when they are used and deal with them in a layered approach including legal action, tech solutions, and human monitoring."

There would certainly be a backlash from Twitch's legitimate broadcasters if this is proven to be true. For now, the question is how many user accounts on Twitch are actually bots, and just how many broadcasters have been availing themselves of these services.
