As reported Wednesday, police in Italy and several other European countries coordinated to take down Xtream Codes, at least one IPTV provider, and more than twenty individuals and related equipment linked to the services.

The precise roles of all these people remain unclear. However, there can be little doubt that emphasis is being placed on the importance of the Xtream Codes management system which, according to law enforcement officials, lay at the very heart of the targeted criminal operation even though the software didn’t supply any content.

This very large operation involved police forces in Italy, the Netherlands, France and Bulgaria. It was coordinated across borders with the assistance of Eurojust, an EU agency that helps agencies from member states to co-operate in criminal matters.

Yesterday afternoon, a press conference took place to explain how the operation panned out, who it had targeted, and to detail various additional pieces of information. It began with Filippo Spiezia, National Member for Italy at Eurojust, explaining that hundreds of officers had been involved in the operation to dismantle the technological infrastructure of a “criminal IPTV network.”

Spiezia confirmed that 181 servers had been taken down and seized and more than 800,000 users (police reported 700,000 earlier yesterday) had been disconnected from the Xtream Codes service when it was taken down.

In what became a common theme throughout the conference with several participants, Spieza sometimes appeared to speak generally about the entire operation, which included the takedown of at least one actual IPTV provider, then sometimes in relation to Xtream Codes alone.

This ambiguity and lack of clarity appear to be causing confusion. For example, Reuters reported the following yesterday:

“The biggest illegal platform shut down on Wednesday, dubbed Xtream Codes, had around 50 millions users worldwide,” Reuters reported, citing Gianluca Berruti of the Italian tax police.

“It sold a bundled pay-TV service that included premium content from Comcast’s Sky Italia, Netflix, Mediaset, Dazn, for a monthly subscription of 12 euros,” it claimed Berruti added.

Again, ‘pirate’ IPTV sellers utilizing the Xtream Codes platform may have been doing just that but, at this stage, the second claim above doesn’t make sense or indeed add up. Fifty million users multiplied by 12 euros a month is a staggering amount of money that wasn’t supported by financial information provided later in the conference.

In common with all of those present at yesterday’s gathering, Filippo Spiezia expressed satisfaction at the success of the international operation, noting that cross-border cooperation had proved invaluable since the investigation began.

“During these months of work at Eurojust, we have adapted to the judicial needs of the Italian authorities….to the specific legal requirements of our new partners. This is the first example of an action conducted with these modalities,” he said.

“Thanks to this action we have sent out a very clear signal to criminals that even in this specific domain, even in this specific area which represents the most advanced form of criminality, we will [respond] to them.”

Vincenzo Piscitelli, Deputy Prosecutor in Naples, painted a picture of small offenses by end-users (pirate IPTV subscribers) fueling “huge illegal activities” behind the scenes.

“So this is why we really tried to hit these organizational structures at the heart and that was done through the investigation that was carried out by the public prosecutor’s office of Naples,” he said.

Next up was Valeria Sico, Public Prosecutor in Naples. Sico spoke quickly and through a translator, so that may account for what at times felt like confusing output. While clearly an expert in law, those looking for clear and specific technical details from the Prosecutor failed to receive them.

Some of what Sico said made sense but the fact that Xtream Codes isn’t normally understood to be an actual provider of illegal streams (although it is undoubtedly used by outsiders to manage them), it’s worth reproducing some of her words in full, to see how muddied this has become.

“There was software created by two citizens of Greek nationality. They have a company which had a legal seat in Bulgaria,” Sico said, confirming the information previously supplied by the Italian authorities.

“So this software enables the disclosure and the transmission of [pirate] TV signals through digital ways to different servers which were constructed by the organizations, by the host providers in the Netherlands and in France.

“Through these servers, the signal – the digital signal – was therefore sent to different IP addresses of final users and these people would then receive the [illegal] television signal in their homes.”

Again, it’s worth reiterating that Sico was speaking through a translator so some context and detail may have been lost but from there, the explanation didn’t really become any more clear.

“For the first time, having identified the company that was producing the software, we went directly to the company that was producing the software so they were enabling people to decrypt the signal,” she said.

“So this is why we also went right to the physical place where the disclosure [broadcast] of the signal would take place within these hosting provider companies in Holland and in France….the signal was broadcast to the company that had created the illegal signal – the software company – and then that was sent to the end-users.”

Again, this isn’t the broadly accepted function of the Xtream Codes system, unless the company itself was also involved in the provision of illicit streams. That claim has been the subject of speculation in the past 24 hours, perhaps based on the Reuters report.

Thankfully, Cybercrime Prosecutor Lodewijk Van Zwieten from the Netherlands kept things fairly simple in his prepared speech.

He began by noting that 93 servers had been taken down in one location in the Netherlands, all of which had targeted the Italian market. This seems to be a reference to equipment operated by the actual IPTV provider shown in the video published yesterday.

According to a chart published by the authorities and reproduced below, it was using the Xtream Codes management software, something which seems to have led the company’s software becoming embroiled in the investigation.

Van Zwieten said that no offenses had been committed by Dutch citizens but confirmed that local Internet infrastructure had been abused by the ‘criminal’ network.

“In the Netherlands, we are proud of the fact that we have a big affordable hosting industry which is very important for our economy but we don’t want these services to be used on a large scale for criminal activities,” he said.

“That is why we find it so important, together with the Dutch hosting industry, to act very diligently against abuse. So it was our pleasure to comply with a request from our Italian colleagues.”

Riccardo Croce, Head of Financial Cybercrime Investigation with the State Police in Italy, said that the “criminal group” (again, no precise explanation of which entities that phrase encompasses) had five million users in Italy alone, contributing to the 2,180,000 euros generated every month in illicit funds.

As highlighted earlier, the figures offered by various parties don’t add up, lack clarity, and as a result, appear to contradict each other.

In common with Sico’s speech, Creco’s was also presented through a translator. However, Creco was absolutely clear that the plan was to get to the “complex mapping of international technological infrastructure and to really hit them at the heart of the infrastructure.”

He spoke briefly about the complex technological network being used to transfer the actual streams but then appeared to touch on the importance of Xtream Codes once again, noting that entities in the chain were able to use a particular service to sell the product to the public.

“Our investigation was based on this, to go to the source level of this illegal signal, to disarticulate completely all servers in various European countries in which the infrastructure existed to replicate these signals,” Creco said.

“And, to hit for the first time, the company that was offering this very interesting support to the criminal infrastructure which put at its disposal these panels, network panels, the computer system through which the multitude of pay channels were able to be sold and resold through a chain of people called resellers throughout Europe so it could end up at the end-users.”

The paragraph above is possibly the clearest description of Xtream Codes’ function from someone in authority since yesterday’s raids. Creco’s statement not only separates the system from the actual provision of illegal streams but describes its function as most people understand it.

While many will argue that Xtream Codes was content-agnostic and capable of being put to plenty of legitimate uses, it’s clear that the authorities do not believe that was the intent at all. Through their statements, as confusing as they were at times, the message seems to be that Xtream Codes was perhaps the most important cog in the wheel.

There are many huge questions now being asked in the unlicensed IPTV community but perhaps the biggest is what information was held on the servers of Xtream Codes at the moment they were seized. They are a potential goldmine of information, not only relating to the many IPTV providers and sellers that used the service but also their customers. The worldwide fallout could be immense.

Importantly, however, Xtream Codes (as popular as it was) is not the only product out there capable of doing this kind of management job. So while the company’s days may already be over, others are already gearing up to fill in the gaps. Whether anyone will want to centralize their data with a vulnerable third-party again will be up for debate, however.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Millennium Films and its daughter companies have been rather active with their anti-piracy efforts in recent months.

The movie companies have targeted some of the largest piracy apps and websites in court with the ultimate goal of shutting them down.

Last week this resulted in a major success when the popular app CotoMovies decided to shut down. This was a direct result of legal pressure from Millennium Films which, in the process, brokered an unusual deal.

In addition to shutting down and issuing a public apology, CotoMovies confirmed that it will share user data with the movie companies. According to the movie company’s attorney, Kerry S. Culpepper, this data can “more than likely” be used to go after users of the streaming piracy app.

While no further details have emerged since, the CotoMovies aftermath continues. A few days ago Millennium Films obtained a subpoena which requires Cloudflare to hand over the personal details of people connected to several file-hosting and streaming sites.

These targets include Verystream and Streamango, two very popular hosting services with millions of users each, which were reportedly used by CotoMovies to serve videos. The other sites, Fembed, VShare, Vidlox, Flix555, Streamplay, and 0123movies, all have a CotoMovies connection as well.

“The above web domains have been identified as streaming copies of Owner’s motion picture(s) and supplying said streams to the piracy app ‘CotoMovies’,” Culpepper informed the Hawaii Federal Court.

Culpepper requests the name, address, telephone, email, payment records, and IP address log history for each associated customer. This will likely be used to conduct follow-up investigations.

The services and sites are informally accused of making Millennium’s copyrighted content available without permission. That said, it’s not clear whether the operators of these domains can be held directly liable. After all, most sites rely on user-uploaded content.

Millennium, however, seems determined to keep digging for more information, perhaps hoping that more apps and services will fold.

“Millennium greatly values their and other’s intellectual property.  Millennium cannot keep making new movies if people steal Millennium’s movies through apps like these,” Millennium Media co-president Jonathan Yunger informed TorrentFreak last week, following the CotoMovies shutdown.

—

A copy of the subpoena directed at Cloudflare is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Reports of legal action and law enforcement activities against IPTV services and providers are a regular occurrence but news coming out of Italy this morning is particularly interesting.

According to the Guardia di Finanza (GdF), a law enforcement agency under the authority of the Minister of Economy and Finance, a huge operation is underway to target and dismantle the software service known as Xtream Codes.

What makes the case unusual is that Xtream Codes isn’t an IPTV provider as such. Usually operating from Xtream-codes.com, the company behind the software/system offers a comprehensive package that allows people to manage their own IPTV reselling service and its customers.

The system is subscription-based, starting at around 15 euros per month and running to 59 euros per month for the powerful “all-in-one” solution.

The Guardia di Finanza say that 100 officers from its Special Unit for the Protection of Privacy and Technological Fraud (NSPFT) are taking part in the operation to take Xtream Codes down.

Early reports suggest that the system has been “seized”, allegedly preventing 700,000 users from accessing the platform. Xtream Codes itself recently reported having more than 5,000 clients servicing in excess of 50,000,000 end clients.

The Italian police unit is describing Xtream Codes as an international criminal group that’s being targeted not only in Italy but with simultaneous searches in the Netherlands, France, Germany, Greece and Bulgaria.

Xtream Codes is registered as a company in Bulgaria, has a local VAT number, and lists an address in Petrich for its offices. According to its now-disappeared website, it was founded by two students. Police say that 25 “managers” have been identified but there’s no specific mention of any arrests.

Disruption is already being reported by some IPTV sellers utilizing the Xtream Codes system. Authorities in Italy are set to provide more information on the operation this morning so we’ll update this article as more news comes in.

Update: A video made available by the GdF in respect of the above-detailed operation is embedded below. It is likely to cause confusion due to the depiction of what appears to be a ‘pirate’ IPTV provider being taken down.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Over the past several years, the Canadian company easyDNS has come up in several piracy-related news articles.

The company’s domain registrar activities, in particular, have been a topic of discussion. Not least because it serves high-profile customers, including The Pirate Bay.

EasyDNS CEO Mark Jeftovic has always made it very clear that he doesn’t want his company to be a refuge for pirate sites. However, at the same time he is committed to protecting due process. 

This became clear a few years ago when the company refused to suspend domain names based on allegations from the City of London Police. This stance was repeated later when the RIAA asked easyDNS to suspend The Pirate Bay’s domain, which it refused to do without a court order. 

These examples show that easyDNS is no stranger to legal pressure, but a recent request from a German law firm was a bit over the top, even by easyDNS’ standards.

The company recently received a copyright notice from the German law firm Fechner Legal, ordering easyDNS to take down a URL of one of its clients who allegedly posted a copyright-infringing image. In addition, the notice came with a settlement offer, urging the registrar to pay €1,481 in damages and fees.

The letter, which was initially sent to the wrong email address years ago, came through the postal mail. EasyDNS has no plans to pay up or expose its customer, as the law firm requested. However, it did send a reply asking for a digital copy so it could be forwarded to its customer, as is standard practice.

Instead of sending over the requested digital copy, the law firm replied with a threat. Citing German jurisprudence, attorney Robert Fechner urged easyDNS to hand over the name and email address of the allegedly-infringing customer, or else.

The” or else,” in this case, would come in the form of a criminal complaint.

“If you fail to comply with the law, further proceedings will be to file a criminal complaint against you in order to acquire this information on the basis of § 14 II TMG. In this case, additional damages due to your uncooperative and unlawful behavior will be claimed.” Fechner wrote.

Despite the threat of a criminal complaint, easyDNS still doesn’t plan to hand over the name and email address of its customer. The company’s CEO stresses that it only complies with the law of the country where it’s incorporated, which is Canada.

Simply handing over personal information might violate Canadian privacy law, easyDNS stresses. This means that, if Fechner Legal wants the personal information of the customer in question, it has to obtain a valid court order, subpoena or warrant in the Province of Ontario.

“It’s almost as if Herr Fechner doesn’t understand that Canada is a completely different country than Germany, and thus businesses operating here are subject to Canadian, not German law,” Jeftovic notes.

“We have further advised Herr Fechner that both easyDNS and our lawyers take a dim view of being threatened with a criminal complaint over something like this and we wonder out loud if the German bar association would have anything to say about one of their own abusing their position and misrepresenting the law in this manner,” he adds.

In any case, it’s clear that as a third-party registrar, easyDNS isn’t going to take any action without a proper court order. This means that the allegedly infringing URL remains online for now, just like The Pirate Bay.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Sitting in the heart of Europe geographically but outside the European Union politically, Switzerland is largely free to make its own legislation.

On the copyright front, this has brought the country out of line with standards adopted by its neighbors, something that has drawn criticism from entertainment industry companies, particularly those in the United States.

In 2017, proposals to amend the country’s copyright laws were drafted but they failed to fully address key complaints from the United States Trade Representative (USTR) made on behalf of rightsholders.

A major complaint is that the country’s private copying exception shouldn’t apply to content obtained from illegal sources, i.e pirate copies of movies circulating on peer-to-peer networks such as BitTorrent. The USTR also had issues with the current liability framework for sites and hosting services that facilitate and profit from piracy.

After a long trip through the corridors of power, Switzerland’s National Council adopted amendments to copyright law Monday but at first view, there seems little to please the United States.

First up, regular citizens who download copyrighted content from illegal sources will not be criminalized. This means that those who obtain copies of the latest movies from the Internet, for example, will be able to continue doing so without fear of reprisals. Uploading has always been outlawed and that aspect has not changed.

Second, the drive to have pirate site-blocking introduced into Swiss law has been rejected. Unlike elsewhere in Europe, where the practice is widespread and supported by EU law, ISPs will not be required to block ‘pirate’ platforms as some copyright holders had demanded.

On the hosting and liability front, there will be changes, but at this early stage, it’s unclear how that will play out on the ground.

SwissInfo reports that the reforms will force local hosting providers to remove illegal content from their servers but adds that parliament rejected rules that would compel online platforms to check whether uploaded content is copyrighted.

A “take-down-stay-down” system had been championed (which would presumably require content to be checked against previous takedowns) but elsewhere it’s claimed that the new legal framework “favors self-regulation” to fight piracy at the hosting level.

While an extension from 50 to 70 years copyright protection for musical and photographic works will be welcomed by copyright holders, the failure to outlaw downloading of pirated content for personal use will be absolutely unacceptable to the United States and the MPAA in particular.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.