Fake bots for the streaming site Twitch are being used to spread trojan viruses and potential unwanted programs (PUPs) according to security firm Malwarebytes.
Streamers use bots to attract traffic to their channel through raiding, in which a phoney user joins a rival’s stream and advises the audience to move to the bot owner’s channel.
Jovi Umawing, malware intelligence analyst at Malwarebytes, said: "Twitch.TV is growing in popularity, and as expected, a platform with so much to offer can be misused and abused by anyone willing to make a buck in a highly risky if not totally malicious fashion.
"We discourage Twitch users who are interested in using bots as groups and/or individuals may take advantage of them."
Hackers hope that users seeking to download a bot online will come across their fake software, which once downloaded will infect the victim’s system, leading to a variety of symptoms.
Trojan.Crypt, the first malware sample the firm claimed to have found, collects information about a victim’s system, as well as dropping a further virus which prevents the user from running Task Manager to terminate the malicious programs.
The second sample, PUP.Optional.OutBrowse, is a form of adware that behaves like a virus but is often marketed as a means of improving web browsing.
Twitch forbids the use of bots on its network in its terms of service, but the software is popular among content creators across similar sites such as YouTube looking to build an audience for themselves.
CBR has contacted the streaming service for comment.
