At the height of the cyberlocker boom in the early 2010s, Uptobox was already an established name.

The platform remained online despite a fierce anti-piracy crackdown that led to the demise of Megaupload, Hotfile, and many other file-hosting services.

Uptobox faced some trouble with payment providers but still managed to grow in the decade that followed. Like many other sites of this kind, it was frequently abused by pirates to share copyrighted content. To address this, Uptobox had a takedown policy to swiftly remove those files in response to rightsholders’ reports.

Uptobox Blocked and Raided

Takedowns couldn’t prevent the site from being targeted in a site blocking order in France, where roughly a third of the site’s 30 million monthly visits originated. The site didn’t agree with this decision and, as a countermeasure, informed users how the DNS blockades could be circumvented.

For the less technically inclined, Uptobox vowed to contest the site blocking measures in court. However, before it could do so, rightsholders including Columbia, Paramount, StudioCanal, Warner Bros, Disney, Apple, and Amazon, showed that they were a step ahead .

In September 2023, French cloud hosting providers Scaleway and OpCore pulled the plug on Uptobox’s servers. Initially, it wasn’t clear who was behind the action, but it later transpired that the Alliance for Creativity and Entertainment ( ACE ) was a driving force behind it.

The server shutdowns were backed by a court order and ACE pointed a finger at two French nationals, who operated the platform from the Dubai-based company ‘Genius Servers Tech FZE’.

Uptobox Challenges Blocking Order

While Uptobox initially remained quiet, it didn’t plan to throw in the towel so easily. The company was very critical of the shutdown, not least since it was partly based on the EU’s ‘ Piracy Watch List ,’ which relies heavily on input from rightsholders and is not a legal determination.

In recent months, Uptobox pushed back by challenging the blocking action in a Paris court. While Genius Servers hoped to turn the case around, Marc Rees at l’Informé reports that this initial attempt failed. Last Friday, the Paris judicial court denied Uptobox’s request to lift the blocking measures.

In its defense, Uptobox explained that it had a proper takedown policy, under which 98.9% of the links reported by movie industry groups were promptly removed.

Genius Servers further argued that 70% of the files on its site were never downloaded, and that another 15% were downloaded less than 10 times. The company also stressed that Uptobox had never encouraged its users to store pirated content on its platform.

The court wasn’t convinced by these arguments, in part because they were based on information that was gathered after the fact. The company didn’t share the underlying database for review either.

Rightsholders Paint a Pirate Picture

Instead, the court went along with evidence presented by rightsholders, including a report compiled by a representative from the Association for the Fight against Audiovisual Piracy ( ALPA ).

The report revealed that ALPA uploaded a copyright infringing file last year to test the takedown policy. While the uploaded content could indeed be removed, the representative was able to re-upload the same content later, without any countermeasures.

ALPA further found that in a random sample of 25,504 active French-language links that were available in February 2023, the majority (84%) “referred to infringing works”. The millions of Uptobox.com takedown notices that were processed by Google further corroborates the ‘infringing’ nature, the court heard.

The same also applies to Uptobox sister site Upstream, which was blocked by the same court order due to its association with pirated content.

Takedowns are not Enough

The rightsholders arguments were sufficient for the Paris court to keep the existing blocking measures in place.

“It is clear from all these elements that the Uptobox service was used predominantly to illegally make content available to the public, violating copyright and related rights, and that the operator knew or should have known this,” the court concluded.

An important aspect of the judgment is that simply processing takedown notices was deemed insufficient. Uptobox did remove pirated files but, according to the court, it had an obligation to do more. For example, by sanctioning repeat infringers, or by making sure the pirated content couldn’t be re-uploaded so easily.

Specifically, the court writes that Uptobox “does not take any proactive measures to prevent counterfeiting on its platform, such as combating the re-uploading of deleted files, matching files, or providing contact tools for rightsholders”.

According to the court’s reading of EU law and jurisprudence, including the CJEU’s Cyando/YouTube ruling , these additional measures are required.

Finally, the court found that Uptobox’s freedom to conduct a business, which is a fundamental EU right, was not violated as Uptobox is seen as a predominantly infringing service. The copyrights of users, who may have shared private files on the platform, does not get in the way of the blocking order either, the court ruled.

From: TF , for the latest news on copyright battles, piracy and more.

For pirate IPTV blocking orders to be effective, the time between spotting a domain or IP address to be blocked, and the blocking actually taking place, needs to be as short as possible.

For legal, practical, and technical reasons, the gap seems unlikely to shorten to the extent most rightsholders would like, but in general the process seems to be heading in that direction.

In an order dated July 26, top tier French football leagues Ligue 1 McDonald’s and Ligue 2 BKT requested blocking of dozens of domains linked to the provision of pirated live match streams. On August 2, the Paris Judicial Court issued a blocking order, having taken just a week, including a weekend, to process an application that could’ve taken weeks or months just a few years ago.

Permission to Tackle Piracy That Hasn’t Happened Yet

The 2024/25 first and second division football championships don’t even start until August 17, so the new order aims to tackle piracy that hasn’t happened yet. In the UK, the Premier League has been taking a similar approach for years, with the High Court – and now the Paris Court – weighing piracy services’ past behavior against the likelihood of piracy resuming when the new season begins.

“LFP welcomes this decision by the Paris Judicial Court, which makes it possible to combat piracy of the Ligue 1 McDonald’s and Ligue 2 BKT championships in their entirety,” LFP said in a statement welcoming the new order.

“While this decision is the fourth blocking injunction obtained by the LFP since the creation of the system to combat sports piracy in January 2022, it is the first to have been obtained before the start of a season, on the basis of findings of serious and repeated infringements of the LFP’s audiovisual exploitation rights during the previous season.”

Reacting to Countermeasures

Without the ability to respond quickly to countermeasures deployed by pirate sites and services, blocking orders would risk outliving their usefulness before the end of the first match. However, under Article L. 333-10 of the French Sports Code , LFP has access to a powerful tool; after referring the matter to telecoms regulator ARCOM, new sites and services illegally broadcasting LFP content can be swiftly added to the existing blocklist.

On the website of the Paris Court, the domains authorized for blocking in the August 2 order initially appear somewhat chaotically, despite being the most important part of the order.

Fortunately, the list is repeated much more clearly at the end of the order so skipping directly to the end is advised. That being said, for reasons that don’t stop at sheer volume of domains, the need for clarity and pinpoint blocking will only increase moving forward.

Most of the complexities are directly connected to moves made by pirate sites as they attempt to avoid blocking, with any resulting confusion or uncertainty probably considered a bonus.

Domains and Subdomains

The domain list is quite specific when detailing exactly what should be blocked. For example, the domain lol-foot.ru appears along with the subdomain www.lol-foot.ru which currently lead to the same page, but that could be subject to change. The domain www.tv1337.buzz currently points to the same domain that lol-foot.ru and www.lol-foot.ru now redirect to (euro2024direct.ru)..

Sportplus.live and www.sportplus.live appear to redirect to a subdomain of sportplus.live that changes depending on the visitor’s geographical location. In the order fr22.sportplus.live is specified for blocking, but it would be trivial to switch that to almost anything else.

When visited directly, some domains on the list give the impression that they’re non-functional. That hasn’t stopped LFP from finding out that’s not actually the case, but it’s nevertheless interesting to see some of the tactics deployed.

When tested a few hours ago, visitors to bobres.net were greeted with nothing due to a lack of DNS records, while www.bobres.net (listed for blocking) remained fully functional. Another domain, kiwi-ip.tv, appears broken but the subdomain identified by LFP (app.kiwi-ip.tv) has a DNS record mapping it to ip.sltv.be. This domain/subdomain is also listed in the court order but visitors using a browser won’t find much since it’s probably configured for set-top boxes.

Visitors to ardenty.xyz might conclude that the domain is still parked but as LFP has clearly discovered, ahgs.ardenty.xyz is very much alive. The list goes on, and is always subject to change.

Careful….

Finally, it’s worth highlighting three similar domains/subdomains in the list that if blocked at the main domain level, risk affecting any number of innocent parties.

The domains/subdomains kooralive.pp.ua, www.kooralive.pp.ua, and www.kooralive1.pp.ua, all use pp.ua which appears to be a service offering free domains and currently has at least 270 subdomains.

Targeted blocking of the subdomains kooralive, www.kooralive, and www.kooralive1 should present no issues but if pp.ua was targeted in error, that would wipe out at least 270 services and probably more.

The list of fully-qualified domains (FQDN) as they appear in the order are listed below with the main domains and other related data appearing in the table underneath.

lol-foot.ru, www.lol-foot.ru, www.tv1337.buzz, sportplus.live, www.sportplus.live, fr22.sportplus.live, play-iptv.com, m3u.sf-m3u.me, premiumiptv.me, fbxc.cc, crackstreams.sbs, www.crackstreams.sbs, hes-goals.tv, www.hes-goals.tv, kooralive.pp.ua, www.kooralive.pp.ua, www.kooralive1.pp.ua, rojadirectaenvivo.re, www.rojadirectaenvivo.re, www.seehdgames.co, seehdgames.co, pre.soccerstreamslinks.com, vl.streameast.top, tarjetaroja.ws, www.tarjetaroja.ws, totalsportek.ai, www.totalsportek.ai, nbatvhd.online, www.nbatvhd.online, sportsbay.dk, www.sportsbay.dk, telerium.run, www.telerium.run, popcorniptv.com, ahgs.ardenty.xyz, www.bobres.net, ip.sltv.be, app.kiwi-ip.tv, dfwu.link, ip1.mypsx.net, supremtv.fr

From: TF , for the latest news on copyright battles, piracy and more.

Rightsholders around the globe are actively fighting piracy, but few are as vocal as Miguel Angel Loor, the boss of Ecuador’s football league LigaPro.

The football boss has repeatedly spoken out against pirate services, particularly MagisTV, and continues to do so. Meanwhile, no remedy is left unused to tackle the problem.

Critics have argued that by focusing so much attention on the pirate service itself, public campaigns might be counterproductive. For example, displaying ‘anti-MagisTV’ banners during official football matches could introduce people to this pirate service, instead of scaring them away.

Blocked IP-addresses Put Users at Risk?

LigaPro clearly has a different outlook. The league’s boss continues to speak out against piracy as a whole, and doesn’t shy away from mentioning names. Earlier this month, the league managed to reinforce local pirate site blockades by adding 183 new IP-addresses to the MagisTV piracy blocklist that was already in place.

“The granting of the IP address blocking order is a legal victory for the legitimate rights holders and the thousands of customers who pay formally for their various content services,” a statement in response to the order explained.

In addition to blocking additional IP-addresses, the court reportedly warned that anyone who attempts to access the blocked IP-addresses, is subject to penalties and fines for copyright infringement. How those ‘attempted’ copyright infringements will be validated and enforced remains conveniently unexplained.

It’s possible that the added warning for users is mostly intended as a deterrent. In any case, it’s clear that local authorities are sympathetic to LigaPro’s concerns, especially now that the new season is underway.

More Sites and IPs Blocked

Last Friday, a another court order came in, requiring local Internet providers to block eight additional websites and 24 IP addresses. This includes a MagisTV-branded site, but also other alleged pirate streaming sites and apps, such as futbollibretv.pe, tele-latino.net, and rojadirectaenvivo.pl.

Interestingly, the full list of targets includes URLs that are part of larger non-infringing websites. For example, buyiptvsmarters.myshopify.com is a Shopify subdomain that links to a pirate IPTV subscription page. Another sub-target is xc.softonic.com/android, which appears to be a pirate app distributed via the otherwise legal platform Softonic .

It’s not clear whether LigaPro or other rightsholders attempted to have these pages removed through the regularly available takedown procedures, before obtaining the court order. Needless to say, blocking the associated IP-addresses will likely result in overblocking if that’s taking place.

MagisTV Trademark

Aside from the blocking efforts, rightsholders have also pushed back against MagisTV on another front. Apparently, the company ‘Shenzhen Geshan Technology’ has repeatedly tried to register a MagisTV trademark (Magis TV Mas Grafica) in Ecuador.

These applications were successfully objected at the trademark office by LigaPro, most recently with help from Paramount Pictures and DIRECTV.

“Incredibly, they are trying to register the ‘trademark’ in [Ecuador] for the SECOND time. The first time was already denied. Now, LigaPro again opposed, together with Paramount Pictures and Directv, and our opposition has been granted,” LigaPro’s boss wrote on X.

Backlash & Reckless Play?

Miguel Angel Loor’s public opposition of MagisTV and other pirate services seems relentless. LigaPro’s boss recently revealed that local Internet providers are now on board to help out. Whether that entails more than complying with court orders is unknown, but MagisTV was again prominently mentioned.

These anti-piracy messages are welcomed by rightsholders, but they elicit quite a different response from many ordinary citizens, some of which respond with mocking and defiant replies. These retorts typically complain about expensive legal options, and some are showing off how they continue to pirate.

LigaPro’s boss has noticed these responses and, while most are ignored, he replied to a user who showed that he was already using MagisTV as usual, through a VPN.

According to Loor, “this guy” supports a pirate service that ultimately generates revenue, which “surely” funds other types of crime including sexual exploitation. No source was provided for this claim. Loor added, however, that VPNs are not all risk-free either (if the company running it has malicious intentions).

“[T]his guy is VOLUNTARILY giving away all the data on his phone without realizing that the passwords and everything he sends will be exposed with the VPN. But hey, keep fighting against what is legal and correct,” Loor added.

Of course, these remarks were met with a barrage of other responses, criticizing LigaPro and showing off pirate apps and services. Instead of reaching some kind of consensus or agreement, both sides are becoming more extreme.

And so the ball keeps rolling.

From: TF , for the latest news on copyright battles, piracy and more.

It’s no secret that Russia would like to have credible alternatives to the world’s most popular websites, software, and operating systems.

Having to rely on the United States for software including, Windows and Photoshop, is painful enough. However, Russia’s relationship with YouTube appears to be much more complicated. Having avoided the fates of Facebook and Instagram, which found themselves labeled “extremist” and banned from Russia, this summer YouTube began feeling the heat.

In July, Russia ordered Google’s CEO to unblock 200 pro-Kremlin YouTube channels, arguing that the restrictions “fundamentally violate the key principles of free dissemination of information.”

In parallel, Russia criticized YouTube for not removing over 61,000 videos containing “fakes about a special military operation” while successfully removing at least 5.6 million VPN-related links from Google Search for providing access to information previously banned in Russia.

Confusion as a Strategy, Movies as a Weapon

Accusing its rivals of exactly the same things Russia’s government does by default is meant to be disruptive. In the United States, where freedom of speech is almost absolute, allegations of censorship are always likely to stir controversy. Russia is acutely aware of other hot-button issues, and routinely exploits those too.

Piracy of Hollywood movies has been mentioned regularly by officials since February 2022, with the government and industry blowing both hot and cold on the possibility of sanctioned mass piracy, at a time when blatant piracy was clearly ongoing .

On RuTube, a video platform the Kremlin touts as a YouTube challenger, piracy of Hollywood content has always been problematic. Owned by Gazprom-Media, RuTube has publicly stated that pirated foreign content is quickly removed. RuTube does indeed respond to takedown notices, apart from those times when it apparently does not.

On full display, no apologies, no excuses

For the last two years, the mass presence of Hollywood movies on RuTube may be a sign that rightsholders’ takedown notices have dried up. Whatever the reason, the latest blockbusters are certainly popular with the masses; although Russia’s cinema owners, at least those still in business, see things a bit differently.

Promoted By The State, RuTube Promotes Piracy

In the summer of 2023, many of the big movies and TV shows released in the West began appearing more frequently on RuTube. In comments to the media, RuTube suggested that it had been taken by surprise at the sudden influx. Netflix titles including The Witcher and Black Mirror would be removed immediately, RuTube said, at least in the event rightsholders requested removal.

Later that year, the Warner Bros. blockbuster ‘Barbie’ quickly appeared on RuTube, as did Universal’s ‘Oppenheimer’. Both are still available for viewing today, supported by a May 2024 RuTube campaign in the Moscow Metro that used images from the movies to advertise the fact. With over two million views on the most popular copies, that appears to be paying off.

At a recent briefing at the Foreign Ministry, the Russian people were asked to prioritize use of RuTube.

“We urge everyone to master this video hosting service [RuTube] and post their materials there,” said Andrei Nastasin, Deputy Director of the Information and Press Department at the Foreign Ministry.

RuTube Doubles its Traffic in 12 Months

Data from the research company Mediascope, made public around a week ago following a request from local news outlet Vedomosti , revealed that RuTube had doubled its traffic in the last 12 months.

Anti-piracy advocate Maxim Ryabyko at the Association for the Protection of Copyright on the Internet , said that piracy of Western content was likely to be a factor in RuTube’s growth. RuTube, on the other hand, declined to comment.

Coincidentally or not, life in Russia then became much more difficult for RuTube’s competition in the United States.

YouTube’s ability to provide fast, uninterrupted streams in Russia, first took a hit around July 12. Telecoms provider Rostelecom spoke of the need to slow down YouTube due to “technical problems” with Google’s servers in Russia, noting that “growth in traffic” had led to a “serious overload” of equipment serving YouTube videos.

“This may affect the download speed and playback quality of YouTube videos for users of all Russian operators,” Rostelecom said, as quoted by the Moscow Times.

YouTube’s Throttling……

Google’s server difficulties appear to have been caused by outside meddling. Russian authorities had ordered all major telecoms companies to throttle YouTube video playback to 128 kilobits per second. On August 8, a wave of complaints across Russia indicated that YouTube was either unusable or totally offline.

In parallel, the Signal messaging service began experiencing severe issues, with telecoms regulator Roskomnadzor later confirming that Signal had been restricted due to “violations of the legislation on combating terrorism and extremism.”

The fact that the Ukrainian military had taken the Kremlin completely by surprise with a sudden surge deep into Russian territory with tens of thousands of troops, wasn’t mentioned as a contributing factor.

After YouTube’s Throttling, Now RuTube’s Deletion

For reasons that are yet to be fully explained, YouTube’s throttling led to a surprise for RuTube late Friday evening. The video service the Kremlin had put so much faith in, suddenly discovered that its iOS app was no longer available from Apple’s App Store. Previously operational search engine links led to a ‘connecting’ message on the App Store, but nothing else.

Connecting…..

RuTube informed its users of the situation via a message on Telegram late Friday evening.

“We have been the most downloaded app in the App Store for a long time, but now we have to announce that our app has been removed from the App Store. This was a result of sanctions from an American company, which made it difficult for users to access our services through a mobile app,” RuTube wrote.

“We understand that this creates inconvenience for you, our users, and brings certain difficulties in using the platform. We appreciate your support and understanding during this difficult time. We will promptly inform you of any news and changes through our official channels. RuTube has been advocating for freedom of speech on our platform until the very last moment, and we will make every effort to ensure the return of the RuTube app to the App Store as soon as possible.”

While there has been no further commentary from RuTube, it appears that similar problems may also exist on Google Play. TorrentFreak’s attempts to access the app on Sunday, both directly and via the main link in Google Search, led only to the message shown below.

RuTube appears to have gone

RuTube’s claim, that the removal is sanctions-related, has not yet been officially confirmed. However, if a copyright holder had presented Apple and Google with a huge list of Hollywood movies being made available via the RuTube app, removal of the app would not come as a surprise.

Even though it claims otherwise, RuTube may not care too much about the DMCA, at least as it currently applies on Russian soil. Unfortunately, its apps are distributed by U.S. companies, which may prove a hindrance in its quest for additional growth.

From: TF , for the latest news on copyright battles, piracy and more.

Music piracy has been around for decades and there are no signs that it will disappear anytime soon.

While legitimate subscription streaming services are commonplace today, some people prefer to download or rip music instead; particularly people with limited financial means. That’s a problem for labels and music publishers alike.

According to the RIAA, the U.S. economy loses billions of dollars annually due to piracy. This estimate is difficult to prove, of course, but ‘lost’ revenues are not the only concern. Specialized pirate sites and services frequently feature pre-release leaks too.

These leaks frustrate labels and artists and not just for financial reasons. Many musicians work months if not years on their tracks; seeing these being paraded on pirate sites, before their official release, stings.

Warner’s World-class Anti-Piracy Unit

Warner Music Group is well aware of the leak vulnerability. The company has taken action against various piracy threats in the past and, outside the public eye, the music company is building a dedicated anti-piracy unit.

The unit in question is not mentioned on Warner’s official site, but it did appear in a recent job offering, where Warner Music is looking for an Anti-Piracy/Content Protection coordinator.

“We’re looking for someone who thrives on searching the depths of the internet to find when and where unreleased music first pops up. We want someone to help our artists maintain control of their release plans.”

“This person will be the next piece in building a world-class anti-piracy unit,” Warner Music adds.

To find out more about the scope and goals of this team, we reached out to Warner Music directly. However, the company didn’t immediately respond to our inquiry. Luckily, the job description itself provides some more background.

Tracing Leaks & Spotting Pirates

The anti-piracy coordinator role is quite broad. It involves protecting digital and physical releases as well as merchandise. These protection efforts are in part guided by release schedules. After all, new releases have the most value, and deserve stellar protection.

Within releases there is also a priority ranking. The anti-piracy coordinator is expected to communicate these high-priority releases with third-party anti-piracy services, so these can tailor their takedown efforts accordingly.

The position also requires some familiarity with piracy services, and accompanying research capabilities. It involves managing leak alerts, as well as discovering new piracy platforms and services that pose a threat.

The job offering provides the following examples of typical work that the anti-piracy coordinator has to carry out.

– Monitor and protect all forms of Warner Music Group’s intellectual property
– Work with our label partners on priority release schedules
– Coordinate priority releases on a weekly basis with third-party anti-piracy services
– Receive and create leak alerts for infringing uploads
– Discover new platforms that infringe on WMG’s intellectual property
– Contribute to a growing team of global content protection specialists

Artificial intelligence isn’t mentioned once. That makes sense, as it’s not typically associated with piracy, but more with general copyright infringement, which is likely handled by the broader legal department.

Requirements

The job application provides a rough idea of what the anti-piracy unit does, but it’s likely just a fraction of its full scope. The required skills for the job don’t give away anything either and are quite mundane.

Candidates need a “strong attention to detail”, “work well independently”, have “excellent written and oral communication skills” and comfort with Word, Excel and PowerPoint-type software. A college degree and some anti-piracy experience would be a bonus.

For anyone interested, the job listing is still open and can be accessed through Warner Music Group’s official website.

From: TF , for the latest news on copyright battles, piracy and more.

Receiving and imparting advice allows humans to benefit from the experiences of others, without ever having to suffer the consequences of making the same mistakes themselves.

While that’s a great theory and a lovely thought, it’s a poor substitute for knowing that today’s disaster is your own work and yours alone. What’s infinitely worse than that is blindly allowing strangers on the internet to make big decisions, and then having to live with the consequences of their poor advice knowing the blame lies closer to home.

Stay Safe, Trust No One

Case in point, ‘staying safe online’, which according to Google’s autocomplete is a popular question when people are preparing to download anything, from music to PC games, to general software and Android APKs.

Anyone who opted for the ‘safest site’ to ‘download free mp3’ today, but ignored copyright concerns and the first few results linking to legal services, may have landed on a site with links to a few YouTube download sites. However, the ‘recommended’ option at the top of the list is to install free software that ‘claims’ to download from Spotify instead.

The .exe triggered no warnings when scanned using Windows Defender, MalwareBytes, and BitDefender. When checked it remotely, using a handful of online security tools, a different picture emerged.

A decision was made not to install the software and that turned out to be a good thing. Most of the time, installing any type of software from unknown sites should be avoided and here, any benefit would’ve been eliminated ten times over by whatever came next.

Beware of Deception

While the Baader-Meinhof phenomenon might explain an ‘unusually’ large number of people asking for “the safest site” this week, they were definitely there; on X, Reddit and other platforms, seeking out everything from manga to mainstream movies.

As usual, responses to the impossible question varied. Typically, some site or another in vogue at the moment receives a mention; that happened on one occasion this week and the chat ended there.

On rare occasions, someone will take the time to point out that research is advised but, for many people, that sounds like a tedious way of not getting content immediately. We didn’t see any of those this week, unfortunately.

Occasionally, since it tends to get frowned upon these days, someone will post a link to a site. In one case last week, someone posted a direct link to an Android APK.

In response to that post, a seemingly unconnected user agreed that this particular app provides access to everything and helpfully provided a link to a site where all of those details were available. That included the name of the app, a nice logo, its file size (around 30mb), version number, package name, and details of OS version compatibility.

As highlighted by the poster, the page also listed all relevant file hashes and a signature, so that any prospective users could do all the relevant checks, to confirm it’s 100% safe. How many people actually check those things is unknown but, in this case, the hash linked to details of an app on VirusTotal with a clean bill of health. However, the APK delivered by the site had a completely different hash.

Pirated Content Still On Offer…Good?

Many people believe that if an app works, that’s always a good sign. The reality is that if the app doesn’t work, people will uninstall it, and that’s the last thing nefarious app distributors want.

In this case, the app did work, albeit in a secure environment. But ordinarily it would’ve been installed on someone’s Android phone, where it would’ve been very happy indeed.

As F-Secure explains : An SMS-Worm is a type of worm that distributes copies of itself to new victims – in this case, mobile phones – over the Short Messaging System (SMS) of mobile telecommunications networks. An SMS-Worm may be able to automatically send a copy of itself to every contact listed in the mobile phone’s Contacts list.

Alternatively, the SMS may contain a link to a website. On clicking the link, the user may inadvertently download the worm’s executable code onto their mobile phone, thereby infecting themselves. For this method to work, the mobile phone would need to have Internet-access capability.

Other slightly worrying behaviors included an attempt to harvest all hostnames from the local network, presumably just to check out what other services might be available. Merely out of curiosity? Probably not

At some point, the app tried to connect to an IP address and domain names which according to records are connected to Hola/Luminati. That raises the prospect of devices subsequently becoming part of a network where the user’s connection can be used by someone else.

There’s no suggestion that those services are aware of anything malicious, a quality they’re likely to share with people who install *any* Android software without knowing what it does first, even though it’s free to find out.

Androguard: Reverse engineering and pentesting for Android
ANY.RUN: Free Malware Reports and Database
APKHunt: Comprehensive static code analysis for Android
APKLab: Android Reverse-Engineering Workbench
APKLeaks: Scanning APK file for URIs, endpoints & secrets
APKtool: A tool for reverse engineering Android APK files
Hybrid-Analysis: Free Automated Malware Analysis
Frida: A world-class dynamic instrumentation toolkit
Genymobile/scrcpy: Display and control your Android device
MobSF: Security research platform for mobile applications
Oracle VM VirtualBox
Sixo Online APK Analyzer
URLscan: Website scanner for suspicious and malicious URLs
VirusTotal: Analyse suspicious files, domains, IPs and URLs to detect malware
Wireshark: The world’s most popular network protocol analyzer

From: TF , for the latest news on copyright battles, piracy and more.

The Ultimate Fighting Championship (UFC) has promoted mixed martial arts fights for three decades, turning the sport into a billion-dollar industry.

The company is known for its aggressive stance against piracy. UFC President Dana White has repeatedly called out pirates and even got into a keyboard fight with a trolling streaming pirate.

UFC has also called on lawmakers to help them address the piracy problem. In U.S. Congress recently, the company urged lawmakers to consider site-blocking legislation . UFC also wants service providers to take responsibility and process takedown requests instantaneously .

Carrot-and-Stick

Fighting piracy with tough language, takedowns, and technological hurdles can have an effect. However, in addition to making illegal options less desirable, it’s generally a good idea to offer a great experience to legal consumers. The carrot-and-stick approach, if you will.

A few weeks ago, sports streaming services in Greece decided to present fans with a massive carrot by significantly reducing bundle prices in an attempt to combat piracy. This decision resulted in many happy consumers, who now feel that they’re getting their money’s worth.

In America, the link between pricing and piracy is typically ignored by major rightsholders, at least publicly. However, UFC and others are not insensitive to its importance. In fact, UFC parent company TKO Group Holdings highlighted the link during a quarterly earnings call yesterday.

Higher prices, More Pirates

When an analyst asked about recent pay-per-view (PPV) pricing trends and developments, TKO President Mark Shapiro said that ESPN, which is owned by Disney, has been quite aggressive with its price setting. The broadcasting partner raised PPV prices four times after signing the UFC deal in 2019, which isn’t ideal.

“Look, ESPN and Disney were very aggressive, if you will, on pricing the pay-per-view,” Shapiro responded. “Over the period of our partnership, as you’ve asked, they probably went a little quicker and a little higher than we would have liked.”

Raising prices “quicker and higher” could be a good thing if people continue to pay. However, when confronted with repeated price hikes, some subscribers decided to go down the pirate route instead.

ESPN presumably raised prices to increase profits but if subscribers churn at a rapid pace, that could be counterproductive. TKO believes that may be the case here, linking the price hikes to an increasing piracy rate.

Pricing Matters

TKO doesn’t set ESPN’s prices and has no direct influence on them. However, after noticing elevated piracy rates, TKO shared its concerns with the broadcaster.

“We voiced that to them, especially in this kind of era of piracy where we’re seeing our piracy numbers really jacked up and we think that’s driven by them pricing it too high. They were very receptive to that feedback,” Shapiro notes.

Following a meeting in Las Vegas a few months ago, attended by both UFC CEO Dana White and ESPN chairman Jimmy Pitaro, ESPN made some price tweaks, offering a discount to loyal fans.

“[T]hey took their price down […] in terms of offering a new marketing promotion where, if you buy by a certain date well in advance of the numbered fights, you were going to get a discount, and then the price of course increases once you pass that date. And they’re seeing good success with that,” Shapiro said.

While ESPN’s ‘concession’ is certainly not as generous as that of the Greek streamers , it shows that streaming platforms realize that higher prices are not always better. The ultimate goal is to find an equilibrium, where legal services are affordable, while also being profitable.

MMA Fighting notes that the last increase in UFC PPV prices dates back to late 2022, so ESPN is clearly taking it easy on that front. At this stage, it might even make sense to take “a hit” of somewhat lower profits, driving people away from pirate sites and services to undo their piracy habits.

From: TF , for the latest news on copyright battles, piracy and more.

Despite providing a range of services for free that millions have come to rely on, and others that improve security and uptime for millions more, not everyone views Cloudflare’s key products as universally positive.

In Italy, where it took just a couple of weeks for the Piracy Shield blocking system and Cloudflare to start bumping heads, the reasons for conflict are on full display. Running from its core through to every product it develops, Cloudflare’s mission is to enable and protect online connectivity. Piracy Shield’s mission, to disrupt or terminate the connectivity of IPTV services, is exactly the opposite.

Friction was inevitable, and it began as predicted; a Cloudflare IP address was added to the Piracy Shield system, resulting in instant overblocking of innocent sites, just as the experts had warned, time and time again.

Yet despite innocent Cloudflare customers paying for that blunder with their own connectivity, the ability to continue blocking without causing further collateral damage exposed Piracy Shield’s limitations. And for that, Cloudflare received the blame.

Serie A Takes Legal Against Cloudflare

With Piracy Shield barely two months old, on April 3, 2024, Serie A filed a complaint against Cloudflare at the Court of Milan. Cloudflare’s services protect all who sign up for them but, while most customers are law-abiding, a minority are not. When IPTV providers use Cloudflare’s services, they not only achieve greater anonymity like any other user, their platforms become much more difficult for Piracy Shield to block. Serie A wants this situation brought to an end.

The football league used colorful drug-dealing analogies to paint a picture of Cloudflare providing “pirate match dealers” and their users with a “dealing room and the exit routes” to evade capture. Minus the imagery, Serie A’s claims boil down to the same thing; Cloudflare’s services greatly assist pirates, make anti-piracy measures much less effective, and Cloudflare won’t take the type of action Serie A believes it should.

Force Cloudflare to Participate in Piracy Shield

The existence of the Serie A complaint wasn’t revealed until the end of May when La Repubblica broke the story. But even then, what Serie A hoped to achieve and under what legislation still wasn’t made clear. The Court of Milan’s decision, dated Monday August 5, and reported by Cloudflare’s Italian legal team, fills in most of the gaps.

Early July, DAZN said it should be “mandatory for so-called intermediaries of electronic communication services, which allow pirates to hide from the Piracy Shield platform through their services, to be obliged to register with this platform.” Cloudflare wasn’t mentioned by name, but DAZN already knew what Serie A had demanded because the company and other interested parties were directly involved.

No Legal Basis

Serie A’s argument that Cloudflare should be compelled by court order to participate in the Piracy Shield blocking program, received support from interveners DAZN, Serie B, and Sky Italia. Cloudflare was represented by LMS Studio Legale, and the law firm’s announcement this week revealed good news for Cloudflare.

“Ludovico Anselmi and Giuseppe Cardona, partners at LMS Studio Legale, successfully assisted Cloudflare, an American company providing security services for Internet sites, in precautionary proceedings brought before the Court of Milan by Lega Serie A, with the intervention of Lega Serie B, DAZN and Sky Italia,” the law firm said.

“The appeal aimed to obtain an order to register Cloudflare on the ‘Piracy Shield’ platform established by AGCOM, as well as injunctive measures regarding the alleged provision of Cloudflare services to sites that had allegedly disseminated without authorization images of football matches on which the appellant claimed related rights.”

The decision, handed down by the Court of Milan’s Specialized Section, denied Serie A’s first request after finding that the power to impose registration to Piracy Shield sits beyond the scope of powers assigned to the Court.

A second claim, reportedly relating to Cloudflare’s behavior, was also dismissed. According to LMS, the judges said that the matter should have been heard in a trial on the merits.

Whether Serie A intends to take further action is currently unknown, but it’s clear that the influential football league can rely on support from AGCOM, including when the regulator meets with Cloudflare in September.

Cloudflare was also mentioned in the Chamber of Deputies (lower house of Parliament) last month in connection with Piracy Shield. The extracts below suggest that the commentary may have concluded with a veiled threat.

Extracts below and a link to the original here (pdf)

[I]t appears that following these first months of operation of the automated platform [Piracy Shield] there are entities that provide CDN services that allow pirate users to continue to enjoy the illegal viewing of content subject to a blocking order by AGCOM [..]

In particular, among these subjects, the role of Cloudflare stands out, a CDN and proxy service, which in addition to legal services, such as, for example, cloud connectivity and cyber threat protection services, effectively provides protection to sites that illegally transmit copyrighted content, by shielding their IP address, which would be subject to blocking on the Piracy Shield platform, making it effectively unidentifiable [..]

Cloudflare also provides its services to the public administration. If the circumstance were confirmed, we would be faced with the circumstance that Cloudflare would provide lawful services to the public administration and unlawful services to criminal organizations that manage audiovisual piracy activities.

Whether the Ministers questioned, to the extent of their competence, are aware of the above and whether they are aware of which State administrations use, including through third-party companies, the services offered by Cloudflare, and can provide a list of them; whether the above is confirmed with regard to public administrations and, in the event of an affirmative answer, whether they do not deem it appropriate to take the initiatives within their competence to determine the end of such collaboration.

From: TF , for the latest news on copyright battles, piracy and more.

The Canadian Government is no stranger to having its copyright policies critiqued.

The Office of the US Trade Representative (USTR), for example, has repeatedly placed its northern neighbor on a “ watch list ” because it fails to properly deter piracy, and then the EU followed suit .

To tackle copyright concerns, Canada has made several changes to its laws in recent years. Rightsholders can also obtain pirate site blocking injunctions at Federal Court but despite these developments, many rightsholders remain dissatisfied.

U.S. Copyright Groups Call Out Canada

This week, the IIPA put a spotlight on these alleged shortcomings in a submission to the USTR. The alliance, which is made up of various industry groups including the MPA, RIAA, and AAP, submitted its remarks as part of the ‘Americas Partnership for Economic Prosperity’ ( APEP ) review.

This U.S. Government-enabled process allows third parties to share their concerns about the participating countries, which include Chile, Mexico, Peru and other American countries, such as Canada.

“APEP represents a critical opportunity to improve copyright protection and enforcement in the region, which would support APEP’s mission by strengthening regional competitiveness and integration and fostering shared prosperity and good governance,” IIPA writes

The list of issues highlighted by IIPA is long so for the purpose of this article, our focus is on Canada. According to IIPA’s submission, rampant piracy in Canada is a roadblock that prevents legal entertainment services from reaching their full potential in the country.

“Canada’s legitimate digital marketplace for copyright materials remains hampered by widespread infringement,” IIPA notes.

The association mentions a wide variety of piracy threats including stream-rippers, pirate streaming sites, pirate IPTV services, download portals, resellers of pirate services, devices, and apps, among others.

Online Piracy Haven

These types of comments are not new. In recent years, lawmakers have updated portions of the law to strengthen protection, but Canada does not blindly accept all suggestions. For example, it previously pushed back at such complaints, describing them as “flawed” and “one-sided” .

As a result, Canada remains on the USTR’s copyright protection “watch list” and IIPA still sees plenty of room for further improvement.

IIPA is pleased with Canada’s site blocking progress but the remaining list of “urgent and longstanding problems” shows that not all demands have been met. The U.S. rightsholders signal weak enforcement and a lack of legal incentives to combat piracy among the key issues.

“The country has made some progress in shedding its reputation as an online piracy haven, but too many Canadian Internet businesses allow their services to be abused by pirate operators, highlighting the fact that interindustry cooperation must be a priority.

“The Canadian government at all levels continues to allocate insufficient resources and strategic priority to the enforcement of copyright laws, especially online,” IIPA adds.

Copyright Industry Wishlist

The list of reported problems is long. Luckily, however, IIPA has made a bullet point overview of the key action points for Canada’s Government; this starts with prioritizing anti-piracy enforcement.

“Prioritize enforcement against online piracy (including stream ripping), the operation and sale of subscription piracy services, and the trafficking in [piracy devices], apps, and circumvention software tools and modification services,” the first bullet point reads.

This increase in enforcement will require additional law enforcement resources and training which, ideally, should be readily available to properly combat piracy.

“Provide the Royal Canadian Mounted Police (RCMP), Crown Prosecutors, and local law enforcement with the resources and training required to implement enforcement priorities,” IIPA suggests.

In addition to going after infringing sites, services, and apps, third-party intermediaries should also be ‘incentivized’ to take action. While it’s not spelled out, this hints at potential liability for online service providers, if they don’t cooperate voluntarily.

“Counter online piracy in Canada by strengthening legal incentives for Internet service providers (ISPs), hosting providers, and all other intermediaries to cooperate with copyright owners, in accordance with international best practices,” IIPA writes.

The overview above shows that the suggestions don’t stop at fighting pirate sites and services directly.

IIPA would also like to get rid of the fair-dealing copyright exception for educational institutions. Moreover, Bills C-244 and C-294, which give the public more freedom to circumvention of a technological protection measures, should be rejected.

Whether the U.S. Trade Representative will pick up any of these suggestions has yet to be seen. That said, rightsholders are sending a clear signal that they are not pleased with Canada’s approach to its copyright challenges.

More Countries, More Concerns

IIPA’s concerns don’t stop at the northern border. Southward, there is room for other APEP countries to update their laws and heighten local anti-piracy priorities.

For example, Mexico is encouraged to develop and adopt a high-level national anti-piracy program, that will help to target large online piracy operations in the country. Colombia, meanwhile, should implement a specialized copyright enforcement training program for judges and law enforcement.

In Chile, where lawmakers are working on an overhaul of the constitution, IIPA suggests that strong copyright protection and enforcement should be a priority. At the same time, Chile should make it possible for ISPs to be held liable for copyright infringement.

“Improve and update Chile’s legal framework for ISP liability and online copyright enforcement significantly to foster the development of a healthy digital marketplace,” the rightsholders write.

A full overview of IIPA’s comments and suggestions, submitted as part of the USTR’s ‘Americas Partnership for Economic Prosperity’ efforts, is available here (pdf) .

From: TF , for the latest news on copyright battles, piracy and more.