Friday, October 16, 2020

TorrentFreak's Latest News

 

Cloudflare Ordered to Block Pirate Music Site Following Universal Music Lawsuit
Andy Maxwell, 16 Oct 05:17 PM

cloudflareCDN company Cloudflare has grown to become one of the most useful and important companies on the Internet, serving millions of websites that in turn serve countless millions of users of their own.

One of Cloudflare's key aims is to be viewed as a neutral intermediary but that status is being chipped away by elements of the entertainment industries. The problem is that some of Cloudflare's customers are pirate sites but as a service provider, Cloudflare insists that passing on complaints should be enough.

The music and movie industries, on the other hand, would like Cloudflare to either stop doing business with 'bad players' or take more responsibility for their actions.

Cloudflare Won't Compromise So Legal Action Followed

Cloudflare is tied up in several lawsuits around the world, not for its own actions per se, but for the actions of some of its customers. In Germany there has just been a very interesting development, one that could have far-reaching consequences for how Cloudflare does business there.

Back in February, Germany-based visitors to pirate music site and Cloudflare customer DDL-Music.to were served with a rare 'Error 451' by Cloudflare, meaning that the site had been made inaccessible for legal reasons. At the time, no other information had been made public but as the days passed, a clearer picture emerged.

Complaint Filed By Universal Music GmbH

Early June 2019, Universal Music GmbH (Germany) sent a copyright infringement complaint to Cloudflare after finding links on DDL-Music to tracks by German singer Sarah Connor. The files themselves were not hosted by DDL-Music but could be found on a third-party hosting site. Universal asked Cloudflare make the tracks inaccessible within 24 hours but Cloudflare didn't immediately comply.

In a subsequent response to Universal, Cloudflare denied being responsible for the activities of DDL-Music. It suggested that the label should confront DDL-Music directly, handing over an email address and details of the site's hosting provider for contact purposes.

What happened in the interim isn't clear but in December 2019 a hearing took place at the Cologne District Court, during which the court found that Cloudflare could be held liable for the copyright infringements of DDL-Music, if the CDN company failed to take action.

On January 30, 2020, the Cologne District Court went on to hand down a preliminary injunction against Cloudflare, advising that should it continue to facilitate access to the Universal content in question, it could be ordered to pay a fine of up to 250,000 euros ($270,000) or, in the alternative, the managing director of Cloudflare could serve up to six months in prison.

Preliminary Injunction Made Permanent

According to a statement issued late Thursday by German music industry group BVMI, the Cologne Higher Regional Court has now confirmed the judgment of the Cologne District Court. This means that Cloudflare must block access to the pirated music being offered on the website of DDL-Music. While Cloudflare will not be able to comply with that specific order (DDL-Music moved on a while ago) the principle stands. In Germany at least, Cloudflare can be held liable for the infringements of its users.

"Cloudflare offers a so-called CDN (Content Delivery Network), which is misused by structurally copyright-infringing websites in order to evade legal prosecution through anonymization. The Cologne Higher Regional Court has now put a stop to this: It has obliged Cloudflare to block customer content that has been reported to it by rights holders, or otherwise block the customer's entire website," BVMI's statement reads.

Decision Welcomed By the Music Industry as a Tool to Fight Piracy

According to BVMI, the decision of the court is particularly noteworthy since it's the first time that a higher regional court has confirmed an injunction against "an anonymization service" that conceals the identities of the servers operated by pirate sites. This decision will make that more difficult in future, the group says.

"The decision of the Cologne Higher Regional Court strengthens the position of rights holders in an important field and is a clear signal: A service that helps others to evade legal prosecution through anonymization is also illegal," comments BVMI CEO, Dr. Florian Drücke.

"The decision is a further success for our industry against offers on the Internet that cause considerable damage to creatives and their partners and whose business models are based on generating considerable income with third-party content without acquiring licenses for this content."

René Houareau, Managing Director of Law & Politics at the BVMI says the importance of the decision cannot be underestimated.

"Little by little we are getting closer to the modern understanding of the responsibility of all players on the Internet – especially through ambitious court decisions like this one," Houareau says.

"An anonymization service may not allow third-parties to distribute illegal offers while disguising the identity of the servers of structurally infringing websites. In other words, excuses no longer apply in such cases. The services have to recognize more and more that some smoke screens no longer work."

The developments in Germany arrive on the heels of a similar court ruling in Italy, which also went against Cloudflare. Following a complaint from TV platform Sky Italy and Italy's top football league Serie A, Cloudflare is now required to block the domain names and IP-addresses of a pirate IPTV service. In that matter, Cloudflare argued that it merely passes on traffic, but the court wasn't convinced.

From: TF, for the latest news on copyright battles, piracy and more.

Pirate Streaming Hoster "Go Unlimited" Hacked on Behalf of Competitor
Ernesto Van der Sar, 16 Oct 09:23 AM

go unlimitedWith millions of views per month, Go Unlimited is one of the most popular hosting services for pirate streaming sites.

Most video hosting services try to avoid a pirate stigma whenever they can, but that's not the case for this one.

DMCA Ignored Hosting

The hosting service, which was founded by a Kuwaiti entrepreneur named Bader, launched in 2016 with the aim of being a 'takedown resistant' platform. The operator runs several video streaming sites including Fushaar.com and launched Go Unlimited due to a lack of stable video hosts.

As other sites were plagued by takedown requests from copyright holders he created his own to bypass this problem.

"Thanks to our techniques, by hiding the original source of the videos and misleading the networks providers, we were able to ignore the DMCA takedown requests," Bader previously informed us.

Go Unlimited Was Hacked

At the time of writing, Go Unlimited has a much bigger problem than copyright holders. Yesterday afternoon the site went down and soon after several sources said that the site had been hacked.

We are generally very reserved in reporting on hacking claims, especially after the alleged hacker reached out directly. However, due to the size of the site and the seriousness of the information we received, this one was hard to ignore.

TorrentFreak spoke to the hacker who explained that Go Unlimited was targeted because Bader allegedly DDoSed a friend, who operates a competing site. To help out this friend the hacker decided to retaliate, starting with a massive DDoS attack yesterday.

This attack took out Go Unlimited for several hours. However, it was supposedly just a distraction for something bigger. While Go Unlimited was busy mitigating the DDoS attacks, the site's servers were reportedly compromised and later wiped.

Usernames and Plaintext Passwords

The attacker shared several screenshots of the information he obtained, including a recent database copy. This includes usernames, plaintext passwords, emails, as well as payout details, including amounts.

database

All information appears to be legitimate. We ran some tests to confirm that the database screenshots indeed came from Go Unlimited, which passed. For example, when we shared the unique ID of a Go Unlimited file, the hacker could find the associated info within seconds.

Needless to say, Go Unlimited users should immediately change their passwords to prevent their accounts from being compromised. The hacker informs us that he doesn't have any plans to share the user data in public, but that's no guarantee.

All signs suggest that the goal of this attack is much more personal. It comes down to a feud between competitors that got out of hand. The hacker wasn't willing to share the name of his friend's site, but his demands to Bader are clear.

1 Bitcoin…

After the servers were compromised, the attacker copied all data and wiped the servers. Some data was later restored, presumably with dated backups. However, the hacker says he is willing to return all recent data, including 444 Terabytes of videos, in exchange for 1 Bitcoin.

The question remains whether paying up is the best option. After all, how do you know that you can trust that this will really resolve the problem?

Rootkits?

After the servers were initially restored yesterday evening they were later wiped again. According to the information we received the attacker installed rootkits, which means that the servers could still be compromised at the time of writing.

Most of this information comes from a single source, which makes it a little one-sided. However, given the gravity of the allegations and the fact that others are picking them up too, we felt that it is our duty to share what information we have.

We also reached out to Go Unlimited which confirms that they were "attacked very aggressively." Bader danies that the database was compromised, however, and suggests that the hacker is sharing fake information from the competitor's database.

The information we have seen suggests that the hack appears to be legitimate, but if more information becomes available we will update this article accordingly.

From: TF, for the latest news on copyright battles, piracy and more.

 
 
Powered by Mad Mimi®A GoDaddy® company

No comments: