Please support Game Informer. Print magazine subscriptions are less than $2 per issue


Symantec Says Malware Could Be Inflating Twitch Viewership

by Jeff Cork on Mar 27, 2015 at 10:36 AM

Online streaming is experiencing a boom period, in terms of audience size and the number of hours those viewers spend watching their fellow gamers play, talk, and entertain. According to a report from antivirus company Symantec, there's more going on with those numbers than you might think.

Twitch shared some of its viewership stats for 2014 early this year. Some of the highlights include 1 million concurrent viewers, 100 million unique viewers per month, and 10k partnered channels. That last one is where it gets a little weird.

Symantec says that while some of those partnered channels have legitimately earned their share of viewers, others are taking advantage of illegal botnets to boost their numbers. These services offer a variety of packages that include guaranteed live viewers, chatters, and followers. To become a Twitch partner – and become eligible to take donations, display prestream ads, and more – streamers must have a consistent average viewership of 500. 

In a botnet, connected PCs are used to perform a single task. They have legitimate functions, but they can also hijack an unwitting PC via malware. Symantec has identified one botnet developed to target Twitch, called Trojan.Inflabot. Lionel Payet, security response manager at Symantec, says that additional Malware has disguised itself as phony Adobe and Google Chrome updates. In addition to inflating views, Symantec says the botnet can be used to harass people by proxy or spread itself to other viewers – possibly by inserting links though a stream's chat. It's important to keep in mind that in addition to pointing out the potential for abuse on Twitch, Symantec just so happens to sell products that are designed to protect users from this threat. 

Twitch recently suffered a security breach, which exposed some users' personal information, including IP data, truncated credit-card numbers, and birth dates. Payet says that his company hasn't found any connections to the hack and the botnet, but adds that, "[I]f a user’s computer is compromised by any malware, then their information is always exposed." Payet adds that the amount of money pulled in by these botnets is unknown, but that it's compromised thousands of machines.

In its defense, Twitch says that this is a problem that has broad-reaching impact. "These illegal services are a long-standing issue that is not unique to Twitch," says Matthew DiPietro, vice president of marketing for Twitch. "We detect when they are used and deal with them in a layered approach including legal action, tech solutions, and human monitoring."

[Source: Symantec]


Our Take
If the research is indeed sound, this information should infuriate legitimate Twitch broadcasters. They've worked hard to amass their audiences, and it's unfair for shady competitors to hit bigger numbers just because they have deeper pockets. What isn't entirely clear is just how quickly Twitch is able to detect and deal with botnets and if those viewership numbers are factored into Twitch's overall reported usership. We've followed up with the company and will update should we receive a response.