Cybercriminals employ websites to infect victims with malware using techniques such as drive-by-download or social engineering. On the other hand, several approaches (e.g. client honeypots) exist to detect malicious websites. Nonetheless, this is a time-consuming task, and thus, computational resources should be spent on targets that are more prone to be malicious than others.
For economic reasons, websites that offer free entertainment content like movies and series are frequently visited by web users. Based on this empirical observation, we hypothesized that users visiting Free Movies and Series (FMS) websites are more exposed to malware than when visiting other type of web content.
To prove this hypothesis, we set up an infrastructure composed of a web crawler, to obtain URLs related to the FMS category and other categories extracted from Google Trends, and an analysis component based on VirusTotal. In total, 52,531 URLs were scanned, of which 17,738 correspond to FMS.
The analysis classified 11.2 % of these URLs as malicious, compared to only 1.27 % of the URLs corresponding to the Google Trends categories.