Forgot password
Enter the email address you used when you joined and we'll send you instructions to reset your password.
If you used Apple or Google to create your account, this process will create a password for your existing account.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Reset password instructions sent. If you have an account with us, you will receive an email within a few minutes.
Something went wrong. Try again or contact support if the problem persists.

Scammers are using fake Twitch sites to deliver malware

Scammers are taking advantage of streaming site Twitch's growing popularity to infect its users' computers with malware, according to anti-malware service provider Malwarebytes
This article is over 10 years old and may contain outdated information

Scammers are taking advantage of streaming site Twitch’s growing popularity to infect its users’ computers with malware, according to anti-malware service provider Malwarebytes.

Recommended Videos

It’s little surprise that the site, which has tens of millions of users and was just acquired by Amazon for nearly $1 billion, has garnered attention of serious scammers.

In one case, malware gets delivered from a phony site that mimics Twitch’s design, TwitchTV.net (the real site’s address is “Twitch.tv”). For newcomers and those less familiar with the tactics of online scams, the fake site could pose a serious danger, as it immediately prompts visitors to download software.

Image via Malwarebytes

Those files, not surprisingly, are not good. Though the programs come with names that sound innocent enough—“Desktop Temperature Monitor”, “SuperPC Tools”, and “Cinema Plus Shopping”—Malwarebytes identified two of the files as PUPs (potentially unwanted programs). These included PUP.Optional.DomaIQ, a malicious piece of software that often targets browsers and can change a number of settings, constantly redirect your page, deliver intense levels of pop up ads, and open several tabs at once.

PUPS are becoming a serious issue in online security. They often come in a package with a “legit” application,  Marta Janus, a security researcher at Kaspersky Labs, told the Daily Dot in an email. And the files “contain a license agreement that might inform [the] user of actions that such a program are going to perform, in order to ‘justify’ any suspicious/malicious behaviour, at least from the legal point of view.

“This is an easy way to exploit the fact that almost no one pays attention and reads the license agreement carefully.”

PUP is a pretty broad phrase, describing a wide array of applications that can be harmless but still annoying, like the unwanted toolbars that have been the scourge of Internet Explorer users for years. However they can also be spyware tools that collect data and send it back to servers.

“They might also include remote administration or password recovery tools, which pose a serious privacy and security risk, when installed without user’s full awareness and used remotely by cybercriminals,” Janus says.

This isn’t the first time Malwarebytes has found PUPs delivered through Twitch, or a guise of Twitch. Scammers have been spreading PUPs to users through something called Twitch bombing or Twitch raiding, where a user—or in this case a bot—raids another person’s stream to direct viewers to another, less-viewed stream. This practice is explicitly forbidden by the streaming company.

Actual humans hoping to Twitch bomb better watch out as well. In early October, Malwarebytes discovered a number of PUP files hosted on different sites that ape Twitch’s name and design, including one called TwitchBomber.pw. There, users were prompted to download Twitch bombing programs that were actually pieces of malicious software.

Illustration by Jason Reed


Dot Esports is supported by our audience. When you purchase through links on our site, we may earn a small affiliate commission. Learn more about our Affiliate Policy
Author