A major illegal piracy streaming service was dismantled in a joint operation led by Italy’s Postal and Cybersecurity Police Service, in collaboration with Europol, Eurojust, and a specialized cyber team connected to the UK’s National Cyber Security Centre (NCSC).
The investigation, which is still ongoing, also revealed that the service was being exploited to distribute malware.
Around 270 Postal Police Officers, alongside officials from various law enforcement agencies, conducted raids in multiple locations across Italy, the UK, Netherlands, Romania, Hong Kong, China, Switzerland, Sweden, and Croatia. These efforts led to the arrest of 96 individuals linked to the operation.
Catania Police, which spearheaded the operation, confirmed that the infrastructure based in Romania and Hong Kong was disrupted under the operation codenamed “Taken Down.” They refuted media reports claiming that the infrastructure was being used to distribute malware. However, a source from Telegram suggested that the service, which posed as an IPTV provider, offered special services to premium users, some of whom may have used the platform to distribute malware. This claim remains under investigation.
It’s already well-known that piracy websites, particularly those streaming illegal movies and games, often serve as hotspots for malware. These sites attract huge traffic, generating millions in revenue from pop-up ads and clickbait. According to statistics from the Italian Postal Police and Catania’s Prosecutor’s Office, the “Taken Down” operation dismantled a service infrastructure that served more than 22 million users and earned approximately $265 million monthly.
Law enforcement officials warn that such fraudulent streaming services pose a serious threat to the global movie industry, which loses an estimated $10 billion annually due to piracy.
To put the current cybersecurity landscape into perspective, pirated movie streaming services can compromise the devices of viewers in several ways. These services can monitor users’ activities, steal sensitive information such as banking details, slow down devices, display intrusive pop-up ads (often with inappropriate content), and even turn the infected device into a crypto-mining node or a platform for delivering malicious payloads.
Ad