Last Friday, Dutch anti-piracy group BREIN teamed up with the Motion Picture Association (MPA) and Alliance for Creativity and Entertainment to take action against a massive supplier of pirate movies and TV shows.

Moonwalk, as the Content Delivery Network was known, supplied an estimated 80% of known Russian streaming portals. These sites were able to embed a video player which presented not only movies and TV shows from Moonwalk, but advertising too. For this service, Moonwalk reportedly paid the sites $0.60 per 1000 views.

After bailiffs acting on BREIN’s behalf served ex parte court orders on five Netherlands-based hosting providers, which required them to disconnect and preserve evidence on Moonwalk’s operations, the CDN shut down, stating it would “ NEVER be up again “.

This week TorrentFreak spoke with cybersecurity company Group-IB . The Singapore-based firm, which is a partner of both INTERPOL and Europol, had previously supplied us with information detailing the activities of Moonwalk. It has now provided an interesting update on the fallout from last week’s legal action.

Group-IB says that at the time of its shutdown, Moonwalk was even bigger than the conservative figures published by BREIN last week suggest. While BREIN claimed more than 26,000 movies and 10,000 TV shows were stored, Group-IB says that 28,258 movies were being distributed alongside 14,549 TV shows at the time of the shutdown.

However, it’s the knock-on effect and the state of the market after the takedown that raises the most interest.

Group-IB informs us that another big “pirate-powered” CDN known as HDGO has also shut down following the action by BREIN and its partners. The cybersecurity firm believes that the closures are connected because HDGO used some of the same infrastructure as Moonwalk.

“Compared with other CDNs HDGO provided new content faster and guaranteed a higher income for pirate websites’ owners,” says Dmitry Tyunkin, Deputy Director of Anti-Piracy and Brand Protection at Group-IB.

A second “pirate-powered” CDN, known online as Kodik, has also shut down as a result of the Moonwalk action. Again, Kodik is believed to have used the same infrastructure as Moonwalk and HDGO, suggesting that the BREIN court orders may have had an even wider effect.

“The Kodik CDN used some of Moonwalk’s servers, especially the ones where TV show content was stored. According to our estimates, Kodik could have lost 8,000 out of 17,000 TV shows. It’s known that there was a pirated content ‘exchange agreement’ between Moonwalk and Kodik,” Tyunkin adds.

It’s estimated that Moonwalk’s CDN player could have been built-in into thousands of websites so the removal of the players could have an even more profound effect.

“In the short-term perspective, the shutdown of Moonwalk, HDGO and Kodik could mean a big blow to online piracy in Russia and can potentially contain pirated video content distribution for some time.”

But Moonwalk, HDGO, and Kodik weren’t the only players in the ‘pirate CDN’ market. Group-IB says that despite the magnitude of the recent efforts and initial fallout, in the long-term the “many competitors” of Moonwalk are likely to step in to facilitate supply.

The company believes there are 10 “pirate-powered” CDNs still supplying the market, including major players HDVB, VideoCDN, and Collaps.

“According to Group-IB’s data, 80% of pirated movies in Russia are now streamed, a figure that increases to 90% for TV shows,” the company says.

“The majority of Russian online pirates use CDNs because they store hundreds of thousands of files containing films and TV series, and offer a technical service that allows to automatically place this content on pirate websites.

“Some of these technical CDN providers also offer web modules that autofill sites with film posters and descriptions, and in some cases even supply unique reviews.”

Finally, in terms of impact on the global market, Group-IB believes the shutdowns have the potential to affect between 5 and 10 percent of worldwide supply but cautions that this is “definitely a temporary change.”

Source: TF , for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons .

Over the past few years, users ripping music from sites like YouTube has been portrayed by the industry as a bigger problem than torrent sites.

According to stats published by industry group IFPI last year, 32% of all Internet users were stream rippers, up from 30% in 2016. This, according to the group, made it the leading form of music piracy.

Last week, however, a new report revealed that the practice is actually on a downward trend , with 23% of those surveyed admitting to using stream-ripping services. Despite the big decrease, the RIAA isn’t likely to step away from its enforcement efforts anytime soon, as evidenced by a new application filed at a US court.

The application for a DMCA subpoena filed in the District of Columbia targets three sites that are either directly or indirectly linked to YouTube-ripping.

In common with several previous applications, this one also requires domain registry Namecheap to hand over the personal details of their operators, providing names, physical addresses, IP addresses, telephone numbers, email addresses, payment information and more.

The first, YouTubeMP4.biz , recently suffered a drop in traffic according to SimilarWeb stats but that blip aside, has been pulling in up to 1.2 million visits per month throughout 2019. It is most popular in the United States, followed by the UK, Thailand, India and Turkey.

Next up is Keepvid.ws , which at around three million visits per month is the most popular in the application. Perhaps unusually given the close interest of the RIAA, the YouTube-ripping platform is most popular in South Africa, with around 16% of its traffic coming from the region. India and the United States follow with around 10% each.

The last of the RIAA’s latest targets is HDMP4.net , which on the surface seems different from the rest. When accessing the site’s URL directly, visitors are greeted with a blank page, which is unusual for a stream-ripping platform.

Furthermore, Google reveals that HDMP4.net has had just a handful of DMCA notices filed against it over the past several years, the last in 2015, with none coming from the music industry. However, checking in Google’s indexes reveals that the site isn’t indexed, so that makes sense.

The RIAA does mention some specific URLs carrying its content, including tracks by Cyndi Lauper and ZZ Top, which raises the question of whether other sites are using it in some way. Indeed, checks using various resources indicate that the site, which only gained significant traffic in June this year, seems connected to a number of other ripping services.

The big question remains whether the raft of DMCA subpoenas obtained by the RIAA against companies such as Namecheap and Cloudflare are having any direct effect on the operations of these platforms. While things are probably going on behind the scenes that we don’t know about, in the main most previously-targeted sites seem unaffected.

In May , the RIAA tried to extract the personal details of huge ripping site Y2Mate.com from Cloudflare and Namecheap. At the time the site had around 60 million monthly visits and despite the efforts, remains stubbornly online today.

The only real difference now is that SimilarWeb reports the site enjoying in excess of 130 million monthly visits, more than double the traffic reported back in May. The company recently changed the way it calculates traffic but it seems unlikely to have had this much of an effect, particularly since other online measurement sites also show a big upward trend.

On the flip side, a separate effort in May to unmask the operator of YouTubNow.com, a site with 15 million monthly visits, may have paid off. The site currently carries a “maintenance” message and its traffic has tanked to almost zero. That can probably go in the success column for the RIAA.

Back in June , the RIAA homed-in on 10Convert.com, Amoyshare.com, AnythingtoMP3.cc, IMP3Juices.com, BigConverter.com, YouTubeMP4.to, QDownloader.net, GenYouTube.net, Break.TV, DL-YouTube-MP3.net, ConvertBox.net, and Downloaders.io.

At the time of writing, only ConvertBox.net seems completely down while BigConverter.com might have resorted to blocking UK traffic for reasons unknown. The rest are operational, which doesn’t sound like a notable success rate. That being said, the RIAA may have other goals in mind so the bigger picture may play out in time.

By the industry’s own accounting, stream-ripping is on a downward trend but whether that’s attributable to the RIAA’s takedown efforts remains open to speculation. That being said, the RIAA will argue it has to do something , so the pressure is likely to continue.

The latest DMCA subpoena granted by the court can be found here (pdf)

Source: TF , for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons .

For as long as peer-to-peer (P2P) networks such as BitTorrent have existed, anti-piracy companies have been monitoring the activities of those who use them.

This is to be expected. Not only do the companies have a vested interest in keeping an eye on what’s going on, by their very nature P2P networks are open and easily trackable.

The rise of streaming piracy – computer servers streaming video directly to end-users – has presented a new problem, however. Unlike P2P systems, there’s no easy way for an anti-piracy company to get in between the user and the server to see what’s going on. Only ISPs can see that data, which is why a recent interview caught our eye.

Friend MTS (FMTS) is an anti-piracy company based in Birmingham, UK. They’re perhaps best known for their live IPTV blocking work carried out on behalf of the Premier League, for which they have to partner to a greater or lesser extent with ISPs in the UK. FMTS tells them which servers to block, and the ISPs carry out it, broadly speaking.

However, in a recent interview, Simon Hanna of FMTS spoke about a different type of collaboration with ISPs, one that has the potential to raise eyebrows among privacy advocates, especially those who hoped all of their Internet traffic would remain completely their business.

Quite soon into the interview, Hanna correctly points out that broad availability of pirated content online tends to give an indication of how popular particular content is but isn’t always a great indicator of how much is actually being consumed.

“Consumption is a much more valuable indicator than pure availability of content and consumption has always been very difficult to monitor. People often throw numbers out but they are guesswork at best and we don’t really put a lot of faith in the numbers that have been made available in the past,” Hanna said.

With this in mind, FMTS say they have developed a system that allows them to work with content owners and ISPs to form a greater understanding of the consumption of media from online ‘pirate’ sources. The company does this by first tracking the servers down from where the content is being streamed and handing this information to the ISPs.

“We can see through our monitoring activities the range of servers that are available globally delivering this pirate content and we can provide that information to an ISP who are monitoring the flows of data requests in and out of the networks all day long,” Hanna explained.

“They can use these lists of IP addresses to really focus on consumption of content from those servers by the broadband subscribers within the ISP network and that will then give information around the scale of the problem.”

That’s probably a bit of a “wow” moment for many Internet subscribers who believed that once their traffic entered their ISP’s network it wouldn’t be closely monitored until it left to access a BitTorrent swarm, for example.

If FMTS’ statement is what it seems, some ISPs might be following their customers’ broadband usage habits a little bit more intimately than previously thought.

On the plus side, at least as far as individual subscribers are concerned, FMTS say they don’t look at or care about “the individuals themselves”. They’re not looking for any personally identifiable information and are just trying to get a handle on the volume of content being consumed.

Whether dual broadband/TV supplying companies are more interested in this data remains open to question, however.

“Because inevitably, if a large proportion of the ISP’s broadband subscribers are actually consuming content, they are not paying for the associated operator’s TV services,” Hanna added.

In many cases, of course, the broadband provider/ISP is also a supplier of TV content to the same customers – Sky, Virgin Media, and BT in the UK, for example. There’s no claim that these ISPs are indeed teaming up with FMTS in this project but any and all might be interested in the information it reportedly makes available.

“We work with content owners to basically go out and find pirate sources of the content. We can then real-time update these lists, feed this information into the ISPs and the ISPs can then use this information to generate the reporting real-time but with the flow monitoring, more in-depth reports of three-months plus worth of data, to actually get a real picture of consumption habits, both of TV channels but also specific events and pieces of content,” Hanna revealed.

FMTS says that monitoring consumption is important because it allows action previously taken to reduce availability to be measured at the end where it really matters.

“If you can then reduce the availability, then inevitably you should be able to reduce the consumption but you keep monitoring to observe that you do actually have this effect. If you can reduce the availability and reduce the consumption, chances are you would expect you would then preserve and reinforce your pay-TV revenues,” Hanna concluded.

The full interview, which covers many aspects of anti-piracy activity, from general enforcement to fingerprinting and watermarking, can be viewed here .

Source: TF , for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons .

When President Clinton signed the Digital Millenium Copyright Act (DMCA) into law in 1998, its goal was to ready copyright law for the digital age.

The law introduced safe harbors for Internet services (DMCA Section 512 ), meaning that they can’t be held liable for their pirating users as long as they properly process takedown notices and deal with repeat infringers.

Today the four-letter acronym is known around the world and the United States appears keen to export it in future trade agreements. Most recently, a DMCA-style provision was added to the  United States-Mexico-Canada Agreement ( USMCA ), which covers a wide variety of trade issues including copyright-related topics.

While this would have been welcomed by rightsholders twenty years ago, the situation looks quite different today. The music industry, in particular, believes that the DMCA is obsolete, dysfunctional, and even harmful . For these reasons, major industry groups would like to see it replaced with something ‘better.’

When the first draft of the USMCA was published, the RIAA made this clear in no uncertain terms. “Modern trade treaties should advance the policy priority of encouraging more accountability on public platforms, not less,” RIAA President Mitch Glazier said.

The issue was crucial enough to be specifically mentioned in the RIAA’s lobbying disclosures at the U.S. House and Senate. This may have had an effect, as this week the concerns were picked up by the House Judiciary Committee.

In a letter to the U.S. Trade Representative (USTR), the Judiciary Committee points out that Section 512 of the DMCA is widely debated and that “some” have called on Congress to update it.

The Committee notes that the U.S. Government conducted an in-depth review over the past years of which the results are expected soon. This may in part be impacted by the European Union’s new Copyright Directive which hints at potential upload filters and increases in liability for online service providers.

“The U.S. Copyright Office is expected to produce a report on Section 512 around the end of this year, the result of a multi-year process that started in 2015. Moreover, the European Union has recently issued a copyright directive that includes reforms to its analogous safe harbor for online platforms, which may have an impact on the U.S. domestic policy debate,” the letter reads.

The Judiciary Committee doesn’t take a position in this debate but it stresses that adding the widely contested safe harbor language to the USMCA and other trade agreements, would not be wise at this point.

“[W]e find it problematic for the United States to export language mirroring this provision while such serious policy discussions are ongoing,” the letter, signed by House Judiciary Committee Chairman Jerrold Nadler and Ranking Member Doug Collins reads.

“For that reason, we do not believe a provision requiring parties to adopt a Section 512-style safe harbor system of the type mandated by Article 20.89 should continue to be included in future trade agreements,” the letter adds.

The Committee urges the USTR to take the matter seriously and consider the possible changes that are coming. This largely reflects the position of several major copyright industry groups, including the RIAA.

If the language is indeed removed or changed it will be a major setback for Internet services and various digital rights groups. This includes the Re:Create Coalition , which welcomed the inclusion of these protections last year.

—

A copy of the letter sent by the House of Representatives Committee on the Judiciary to the USTR is available here (pdf) .

Source: TF , for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons .