Last weekend we reported how scammers were sending DMCA notices to downrank game piracy sites.

Presumably, this was done to give their malware-infested pirate sites a better ranking in search results.

While our previous article focused on the abuse of takedown notices, the problem is much broader. In addition to removing content, scammers are also spamming many sites with messages that link people to their dubious pirate sites.

We spoke to a source who has followed this activity for quite a while and actively reported spam he found on medium.com, change.org, wattpad.com, github.com, bitly.com, deviantart.com, zendesk.com, soundcloud.com, ghost.org, hashnode.com, and elsewhere.

Most of these sites were very cooperative and cleaned up the mess soon after they were alerted.

“The list is really long, but what was great is that all these services immediately responded to my reports. Some of them implemented spam filters and medium.com even sent a t-shirt to thank me,” says our source, who prefers to remain anonymous.

Zendesk’s response

With any type of spam, it’s impossible to eliminate the problem completely. However, our source says that some platforms are more receptive to reports than others. At Facebook and Google, this didn’t go so easily.

For months, scammers have used Facebook events to promote their malware or trojan links out in the open, through numerous accounts. In some cases, these events have been online for months, such as with this Fix Problem account.

This account lists many hundreds of events, which presumably link to pirated software, games, and other content. There are no events of course, but these listings help to increase SEO and give the associated sites a boost in traffic as well.

Fix problem?

The problem is rather persistent. Our source says that he reported the issue in detail to Facebook, but that there’s been little improvement. Many of the reported events are still online today, and new ones keep appearing too.

A targeted search for “Just Cause” Facebook events created over the past week, shows dozens of results.

Targeted Google search

Initially, the Facebook posts linked directly to the sites where the malware-content could be downloaded, but more recently they switched to Google groups. Perhaps because these links are harder to detect automatically.

People who follow these links don’t get a copy of free software, games, or movies. Instead, they’re downloading malware-infested files, although the landing page suggests otherwise.

A Just Cause landing page

Facebook events appears to be one of the favorite spamming tools, but Google groups are also frequently used. This issue was brought to Google’s attention weeks ago, in a rather detailed post in the webmaster help forum.

For weeks, many of the reported groups remained online and some still are at the time of writing. New ones are still appearing too, as shown below.

Just Cause?

More recently, Google has flagged several postings but instead of removing them entirely, Google added a warning message.

TorrentFreak followed a few of the links that were provided in these spam posts and these indeed point to suspicious malware files, or worse. While this type of spamming activity is not new, Google, Facebook and others may want to take a closer look at how this can be dealt with properly.

Our source has made it somewhat of a personal crusade to go after the scammers. As he runs a pirate site of his own, he a has stake in the matter. Previousy his own links were taken down from Google and, as reported last week, he believes that this was a targeted action by the scammers.

A very detailed accounting of evidence and other information, shared with us, suggests that’s indeed the case, at least in some instances. It could of course be that there are more rogue actors.

In the background, this takedown issue has added fuel to a rivalry between ‘real’ pirate sites. Accusations were made back and forth, which resulted in one site shutting down and much more drama on top.

It’s impossible to verify any of the claims or accusations and there may be more things going on at once. What we can say, however, is that our source directly linked the takedown efforts to the type of scamming activity on Google, Facebook, and other sites.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

As the controversy over the EU’s Article 13 proposals continue, Twitter appears to be the communications weapon of choice for parties on both sides.

While the debate has often been well thought out and considered, at times it has descended into a chorus of potty-mouthed name-calling that at times has proven embarrassing to read. But that’s the Internet, of course.

As one of the main opponents of Article 13 and in particular its requirement for upload filtering, Julia Reda MEP has been a frequent target for proponents. Accused of being a YouTube/Google shill (despite speaking out loudly against YouTube’s maneuvering), Reda has endured a lot of criticism. As an MEP, she’s probably used to that.

However, a recent response to one of her tweets from music giant IFPI opens up a somewhat ironic can of worms that deserves a closer look.

Since kids will be affected by Article 13, largely due to their obsessiveness with YouTube, Reda recently suggested that they should “lobby” their parents to read up on the legislation. In tandem with pop-ups from YouTube advising users to oppose Article 13, that seemed to irritate some supporters of the proposed law.

As the response from IFPI’s official account shows, Reda’s advice went down like a lead balloon with the music group, a key defender of Article 13.

It’s working!

“Shame on you: Do you really approve of minors being manipulated by big tech companies to deliver their commercial agenda?” the IFPI tweet reads.

While Reda reaching out to kids probably irritated whoever was behind the keyboard at IFPI, it can’t have helped that the example given in Reda’s tweet was a response from UK Labour MP Jess Phillips. She’s one of the most plain-talking MPs in the UK currently and has a great sense of humor, even when it comes to her own kids offering education on copyright law.

Joking aside though, it’s pretty ironic that IFPI has called out Reda for informing kids about copyright law to further the aims of “big tech companies”. As we all know, the music and movie industries have been happily doing exactly the same to further their own aims for at least ten years and probably more.

Digging through the TF archives, there are way too many articles detailing how “big media” has directly targeted kids with their message over the last decade. Back in 2009, for example, a former anti-piracy consultant for EMI lectured kids as young as five on anti-piracy issues.

That same year, it was revealed that the Copyright Alliance (of which the RIAA is a member) was pushing a pro-copyright curriculum to schools in the US. Then, in 2012, the French anti-piracy agency HADOPI, which has ties to the entertainment industries, put forward proposals to target children at the Kidexpo exhibition in Paris.

In 2013, both the RIAA and MPAA began teaching copyright classes in California public schools after developing a curriculum targeted at kids from kindergarten through sixth grade.

More recently in 2016, the Creative Content UK initiative, which is backed by the copyright industries, hit classrooms in an effort to educate children about the dangers of piracy.

Then, just this year, a special campaign targeted directly at kids tried to deter them from using ‘pirate’ sites by feeding them questionable information about malware.

TL;DR Glass houses and black pots.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

As first reported here on TorrentFreak, popular streaming application Showbox hit turbulent times recently.

In May we revealed that a group of independent movie studios (Dallas Buyers Club, Cobbler Nevada, Bodyguard Productions, and others) were targeting sites and individuals said to be behind or offering Showbox.

Back in September, a DMCA subpoena filed by the same companies ordered Cloudflare to expose the people linked to various sites offering the application.

It is important to know that the companies behind this request are known serial litigants and have been involved in many “copyright trolling” cases against BitTorrent users in the US and elsewhere.

Last month we reported that two websites connected to Showbox had settled their legal dispute with the companies previously mentioned. The terms of the settlement were not made public and the sites in question now display an ominous warning.

Showbox warning

While some will undoubtedly view these messages as scaremongering, it’s surprising that former Showbox users want anything to do with the application moving forward, given recent history. Nevertheless, dozens of threads online feature users asking whether new versions of Showbox popping up here and there are ‘safe’ to use.

It is a difficult – if not impossible – question for anyone to answer conclusively.

First of all, many of the individuals who previously used the app don’t even seem to know where they downloaded it from. This means they could’ve been using the original version or a modified variant from an unknown developer, with both options raising security issues but for different reasons.

It appears that the original app is in trouble and as for the clones, who knows what their motivations are? And, with known copyright trolls heavily in the mix here, alarm bells of all kinds should be going off. That said, people clearly want their movies and TV shows for free and are happy to carry on doing that as long as someone says “yeah, this version is safe.”

At this point, it might interest readers to learn that several times in the past few months we’ve been asked by random emailers to ‘update’ our old Showbox (and indeed TerrariumTV) articles with new links to what they claimed to be the original apps.

There seems little doubt that this was an attempt to misdirect, so unlike some other news outlets who did change their links, we ignored the requests. We don’t know whether this was simply an attempt to drive more traffic to ‘safe’ clones, websites offering the original, or whether something more sinister was at play. It is something to think about, however.

There are so many variables at play here (including what happens to data gathered from Showbox users’ machines, plus IP addresses etc) that to recommend a certain variant of Showbox as ‘safe’ would be pretty irresponsible. There’s also the fact that Showbox not only uses file-hosting links but also torrents, which are inherently ‘unsafe’ unless people use a VPN.

Admittedly, certain versions and updates of Showbox may be completely benign but short of having a detailed analysis done on each app, plus having access to what happens behind the scenes, it’s a potential minefield that users will have to walk through at their own risk.

Some seem very happy to do that, others are less keen. Only time will tell who made the ‘safe’ decision.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Website blocking is without a doubt one of the favorite anti-piracy tools of the entertainment industries.

India is no stranger to this measure either. Over the years, local courts have issued a variety of blocking orders, often to protect films upon their initial release.

This also happened last week. Following a request by Lyca Productions, the company behind the film “2.0,” the Madras High Court ordered 37 local ISPs to block access to a list of 12,564 domain names, should that be necessary to stop the film from being pirated.

When the news broke it was unknown whether this number referred to separate sites or domains. Local reports only indicated that 2,000 of the ‘websites’ are operated by notorious Tamil movie website TamilRockers.

This didn’t help, as we’re not aware of that many sites being operated by TamilRockers. Luckily, however, we managed to obtain a copy of the court order that explains what’s really going on here.

As it turns out, the Madras High Court didn’t list more than 12,000 separate websites. The order really only targets 16 prime targets, which we can easily list in a single paragraph.

These are Tamilrockers, Movierulz, Tamilmv, 1337x, Worldfree4u, Tamildbox, Tamilgun, Tamilrage, Isaimini, Filmlinks4u, Madrasrockers, Tamilyogi, Thiruttumovies, Mtamilrockers, Hiidude, and Mymoviesda.

So how did the court order get to 12,564 domain names? As it turns out, for each of the targeted ‘sites’ it lists hundreds of domain names. Quite exotic ones too, as can be seen below.

From the order

The person who came up with this idea must have thought that this was a great way to prevent pirate sites from simply registering a new domain. The majority of the domains are not even registered yet, which is something we’ve never seen before.

While the makers of 2.0 probably saw this as an ingenious plan, the reality is quite different.

Take the site Hiidude for example. They previously operated from Hiidide.biz and Hiidude.in. These are covered by the court order and so are other unregistered domain options, such as Hidude.lgbt, Hiidude.wtf, and even Hiidude.fail.

However, the site is not without additional options. Whether it’s in direct response to this court order or not, today Hiidude is operating from Hiidude1.in. It only took a single character to circumvent the entire court order.

In addition, it’s worth mentioning that the court order is not permanent. Instead, it only lasts until December 13, noting that the companies should block the domain names if that becomes necessary.

Perhaps more importantly, the order didn’t prevent the movie “2.0” from being leaked. Last weekend, Venkat informed TorrentFreak that a high-quality copy had leaked online. It reportedly came out first on the site TamilRockers, but it spread to other sites soon after.

This prompted Lyca Productions to retain the anti-piracy outfit “BLOCK X” to issue strongly-worded takedown requests to a variety of sites where “2.0” appeared.

“We demand that you expeditiously remove or disable access to the material in question. In the event of your non-compliance you will no longer be protected by the veil of safe harbor,” it reads, referencing the US DMCA.

Meanwhile, it appears that Indian law enforcement is also continuing to put pressure on Tamilrockers. Local news sites report that “a few” admins were arrested last week, while others state it was just one. The site remains operational though.

Interestingly this isn’t the first time that TamilRockers admins or members have been arrested. The same ‘reportedly’ happened early November, in July, in March, September 2017, and even years earlier.

Apparently, the site not only has a lot of domain names, but also plenty of admins.

—

A copy of the court order, obtained by TorrentFreak, is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Over the past year there has been a wave of copyright infringement lawsuits against alleged cheaters or cheat makers.

Take-Two Interactive Software, the company behind ‘Grand Theft Auto V’ (GTA V), is one of the major players involved. The company has filed several lawsuits in the US and abroad, targeting alleged cheaters.

In August the company filed a case against Florida resident Jhonny Perez, accusing him of copyright infringement by creating and distributing a cheating tool. The software, known as “Elusive,” could be used to cheat and grief, interfering with the gameplay of others.

“In essence, Defendant is free riding on TakeTwo’s intellectual property to sell a commercial product that interferes with the carefully orchestrated and balanced gameplay that Take-Two created for its players,” Take-Two notes in the court filing this week.

The defendant has a clear profit motive, according to the company, which notes that “Elusive” was sold at prices ranging from $10 to $30, depending on the package. Buyers could pay through PayPal, but Steam and Amazon gift cards were also accepted.

How much money was made in the process remains unknown. Prior to filing the lawsuit, Take-Two requested detailed financial records from Perez in an attempt to reach a settlement. However, the defendant didn’t hand over the requested information and eventually stopped responding.

This lack of response continued after the lawsuit was filed, which prompted Take-Two to move for a default judgment. According to the company, it’s clear that the cheat maker is guilty of both direct and contributory copyright infringement.

Take-Two submitted its proposed default judgment to a New York federal court this week, asking for the maximum statutory damages amount of $150,000.

Among other things, Take-Two says this is warranted because the cheating activity resulted in severe losses. According to an estimate provided by the company, the harm is at least $500,000. In addition, the maximum in damages should also act as a deterrent against other cheat developers.

“A maximum award would deter Defendant and other infringers from creating similar cheating tools that modify and alter GTAV,” the company argues.

“Indeed, Defendant is not alone in his effort to create, distribute, and maintain a program that alters and modifies Take Two’s game, which is then sold to users for profit. Take-Two already has been forced to bring several lawsuits in the United States and around the world against other infringers.”

On top of the $150,000 in damages, Take-Two also requests $69,686 in attorney’s fees, as well a permanent injunction prohibiting the defendant from continuing infringing activities moving forward.

Take-Two’s conclusion

As far as we know, Elusive hasn’t been available since earlier this year when the developer informed the public that activities were being discontinued.

“After discussions with Take-Two Interactive, we are immediately ceasing all maintenance, development, and distribution of our cheat menu services,” a public announcement read at the time.

“We will also be donating our proceeds to a charity designated by Take-Two. We apologize for any and all problems our software has caused to the Grand Theft Auto Online community,” it added.

That said, Take-Two has experience with developers who say one thing and do another, so the company would like to see details cemented in a court order. Given that the defendant has not responded in court, it is likely that the court will side with the gaming company.

—

Here are copies of Take-Two’s memorandum (pdf) and the proposed order (pdf), obtained by TorrentFreak.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.