Anti-Piracy Portal Blocked Due to Alleged Phishing & Malware

[Matrix]

A government-backed portal set up to convince pirates that going straight is the best philosophy is being flagged as dangerous by security software. People who receive piracy notices are directed to GetitRightFromaGenuineSite.org but according to anti-virus vendors and even third-parties like Twitter, the domain should be avoided due to a potential malware and phishing threat.

After years of negotiations, last year UK ISPs began sending out piracy warnings to subscribers whose accounts are used to share copyright-infringing material.

The warning notices, sent out by ISPs including BT, TalkTalk, Virgin Media and Sky, politely inform account holders that their connections have been monitored sharing movies, music, TV shows and other content

 

The notices are purely educational and no further threats are attached, a welcome approach to what can often be a difficult situation for both entertainment groups and the public.

This week, however, a reader sent us a warning he’d received from Virgin Media (redacted and truncated version below) which ended up piquing our interest.

 

 

The notice itself is pretty standard and advises the recipient to visit the Get it Right From a Genuine Site educational portal for more information. The recipient tried to do just that, following the hyperlink in the email. Unfortunately, things didn’t go to plan.

As seen from the image below, AVG immediately threw up a warning, advising the user to stay away from the site due to suspected malware.

 

 

Using a machine protected with Avast anti-virus, TorrentFreak followed the same procedure by clicking the hyperlink in the anti-piracy notice email and attempting to reach the GetitRight campaign site. We had broadly the same level of success.

 

 

Strangely, none of this came as a surprise to us because this isn’t the first time that there’s been a malware warning on the Get it Right domain.

Back in April, TorrentFreak discovered that the Get it Right site was being flagged as dangerous by several anti-piracy vendors. However, rather than expose people to a potentially dangerous situation (or cause unnecessary alarm), we took the decision to report the problems to an organization connected to Creative Content UK, the campaign behind the Get it Right site.

At the time we were told it was probably just a technical glitch and we were told it was being looked at. But now, several months later, things don’t seem to be any better and with letter recipients now experiencing the same problems, the issue is now known to the public.

The image below is from VirusTotal, which presents results from many anti-virus vendors. While most results are clear, it displays several serious warnings at the top of the list in addition to the issues we know exist with both AVG and Avast.

 

 

Precisely what the problem is here we don’t know. Visiting both http and https variants of the site produce malware warnings and there are even problems when trying to access the domain from third-party services.

For example, on the left-hand side of the Get it Right campaign’s Twitter account, one can find the usual information, including a summary of what the project is all about, where it’s located, and details of its website.

However, when clicking the link to access the campaign’s URL, Twitter steps in and prevents visitors from going any further.

 

 

Twitter’s warnings, that the site could “steal your password or other personal information” or install “malicious software programs on your computer”, hardly inspires confidence in those seeking advice about how not to pirate in the future. Somewhat ironically, it’s the kind of warning pirates are often told to expect on pirate sites.

As noted earlier, TF previously reported a security problem with the site several months ago but since such a long time has passed with no apparent action, mentioning it more openly will hopefully spring the campaign’s security people into clearing up the confusion.

source

[straycat19]

What bullshit!  Using Avast and AVG as honest brokers to declare a site malware ridden is ridiculous.  Both pieces of software are owned by the same company.  And some usual sites will produce a higher threat warning than 3/68.  I am sure that some of the cracks people install on their systems will produce much higher warnings.  And we won't even go into why Twitter, of all the malware infested, data collecting sites, would say the site isn't safe.  TF is usually reliable but this article doesn't pass the smell test, it stinks.  More like a desperate writer trying to file an article before deadline.

[debebee]

Reminds me of a recent visitor who threw up a tantrum because his AV detected a false positive