Unveiling the Connection Between Malware and Pirated Software in Southeast Asian Countries: A Case Study

Pirated software is an attractive choice for cybercriminals seeking to spread malicious software, known as malware. This paper attempts to quantify the occurrence of malware concealed within pirated software. We collected samples of pirated software from various sources from Southeast Asian countries, including hard disk drives, optical discs purchased in eight different countries, and online platforms using peer-to-peer services. Our dataset comprises a total of 750 pirated software samples. To analyze these samples, we employed seven distinct antivirus (AV) engines. The malware identified by the AV engines was classified into four categories: adware, Trojans, viruses, and a miscellaneous category termed others. Our findings reveal that adware and Trojans are the most prevalent types of malware, with average infection rates of 34% and 35%, respectively, among our pirated software samples. Notably, our evaluation of AV detection performance highlights variations in sensitivity, ranging from a high of 132% to a low of 30% across all AV engines. Furthermore, upon installing pirated software, the most adversely affected operating system settings are the firewall and user account control configurations. Given the potential for malware to steal information or create malicious backdoors, its high prevalence within pirated software poses a substantial security risk to end users.