BitDefender classifies 'piracy monetisation' site Rightscorp as malware

News by Adrian Bridgwater

Peer-to-Peer (P2P) file sharing tracker initially condemned due to false positive

Anti-virus software suite vendor Bitdefender has classified the Rightscorp piracy monetisation and copyright enforcement website as malware. The action has been later described as an unfortunate false positive, which was fixed in hours.

Rightscorp operates on behalf of digital media copyright owners to monitor global Peer-to-Peer (P2P) file sharing networks to track illegally downloaded digital media.

Working in conjunction with USA-based Internet Service Providers (ISPs), Rightscorp says it exists to automatically send out copyright infringement and demand notices to users who have illegally downloaded digital media.

Bitdefender users found that they could not access the Rightscorp settlement page used to pay for alleged infringements.

According to Torrent Freak, “On behalf of Warner Bros, BMG and other copyright holders Rightscorp asks [pirating] subscribers to pay US$30 per pirated file, or risk a potential US$150,000 fine in court.”

People in glass houses?

Romanian security specialist Bitdefender has not been exempt from upsets this year and has suffered a number of high profile breaches. Rightscorp meanwhile has a similarly blotted copybook and has been accused of operating with ‘extortionist practices' in the past.

In terms of operation, Rightscorp contacts ‘violators' who must then remit payment to Rightscorp for the copyright infringement. Subsequently, Rightscorp says it then makes payment to the copyright owners.

According to the Rightscorp overview statement, many infringers who do not pay are disconnected by their ISPs.

Rightscorp's technology system monitors the global Peer-to-Peer (P2P) file sharing networks and sends emails to ISPs using the notice format as specified in the Digital Millennium Copyright Act (DMCA) with the date, time, song title and other specific technology identifiers to confirm the infringement by the ISP's customer.

“This case illustrates how one's data is only as secure as the third party with whom they're hosting/file sharing,” said Margee Abrams, director of security service product marketing product marketing at Neustar Inc.

Speaking to SC Magazine UK today Abrams added, “Public sharing services are under no obligation to protect other people's data so one needs to weigh the risk to confidentiality to the benefit of the service before taking this decision.”

False positive, after all

“Blocking Rightscorp payment page was just an unfortunate false positive which we fixed in hours,” confirmed Andrei Taflan, global PR manager for Bitdefender in a statement sent to SC Magazine UK.

“False positives are the result of having to find the right balance between proactively stopping new threats and not disrupting normal applications. As independent testing from AV-Comparatives and AV-Test shows, Bitdefender has a solid history of performance in this area,” added Taflan.

Shedding additional commentary on the story, services director at analyst house Quocirca Clive Longbottom spoke to SC Magazine to call this news a ‘spat' between a couple of entities that should know better. 

“For a security company to try and defend itself, it must be totally independent in how it deals with sites,” he said. “As long as the site does not contain malware, then stating that it does is moralistically breaking the accepted norms of the Internet. For a company trying to deal with piracy, then it needs to be very clear and open about what it is doing.”

The technology analyst finished by saying that Rightscorp must make clear in any communications with those it identifies who it is, who it pays money to, how much of the $30 per track/film/whatever it pays over and how it will then ensure that the copyright is made available to the person against the payment. 

Longbottom concludes, “Between these actions falls the user themselves – very few will mind being blocked from Rightscorp's site: how many people are likely to say ‘oops – I've been caught out and I have 10,000 tracks – best transfer $300,000 to a company I've never heard of?”

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews