For the past four years, Brazilian authorities, entertainment industry groups and their anti-piracy partners have celebrated a new annual event.
Every year, a new phase of “Operation 404” occurs and the champagne stoppers fly as hundreds of hacking websites and apps are removed, banned, or otherwise shut down.
In 2022, 226 websites and 461 hacking apps were reported to have fallen into the 404-4 process due to the combined efforts of local authorities and their international partners. Even the US government stepped in to take over a few hacking domains last month.
Last year’s wave, Operation 404-3, either shut down or blocked 334 hacking websites as well as 94 hacking apps. Operation 404-2 took place in 2020, resulting in 252 hacker websites and 65 pirated streaming apps being handed the same fate. The inaugural 2019 phase — the original 404 process — resulted in claims of 210 illegal sites and 100 illegal apps.
That’s a grand total of 1,022 websites and 720 apps for hacking. A lot by all accounts.
Nagra says it plays a key role in Operation 404
As the dust settles this week, anti-piracy firm Nagra revealed that it was part of the large coalition that helped carry out the latest wave of Operation 404.
American company He said She was working with the Latin American Anti-Piracy Organization Alianza Its counter-piracy operations team was on the ground helping coordinate, testify and capture evidence last month.
“NAGRA has supported law enforcement for this type of operation for more than two decades and has a global reach for these types of operations,” said Pascal Mitral, Vice President Legal and Head of Counterpiracy Intelligence, Investigations and Litigation at Nagra.
Nagra’s timing was right. A little while ago, we became aware of a discussion about Nagra’s work based on publicly available documents on a regional advertising regulator website with offices across South America.
It shows that the Nagra counter-piracy team is playing what appears to be an important role in supporting the core goals of Operation 404 – not just a single day, but an ongoing effort over a much longer period of time. In 2017, we reported on Nagra’s operations tackling IPTV piracy and five years later, the company is still moving forward.
Nagra focus on pirate IPTV services and applications
Nagra’s partner, the Alianza anti-piracy group, has several members including pay-TV operators DirecTV, Telefonica and SKY Brazil, pay-TV operators including Discovery, ESPN, Fox and Globosat as well as HBO and LaLiga, the Spanish soccer league.
Although absent from the image below, we understand that Alianza is also collaborating with other anti-piracy partners including the Alliance for Creativity and Entertainment, the MPA, and the music industry’s IFPI.
In mid-2021, Alianza presented its Nagra Special Report revealing some of the most popular set-top boxes being announced in South America, including those with live IPTV, VOD, and key-sharing capabilities – which are exactly the kinds of devices the authorities are describing. It threatens legitimate content markets.
The report also detailed what the companies thought were the most popular pirate IPTV services in South America at the time – ultraiptv.org, latinosiptv.com, megaplay.app and megaiptvlat.com. They sit at the top of a fairly long list, and at the time of writing, they all appear to be business as usual, outside of South America at least.
The most famous regional pirate streaming sites of the time were also listed – futbollibre.net, rojadirectatv.tv, TVlibre.net, remeotvplay.com and rojadirecta.me. Again, just the top five in another long list and it all seems to work, unlike Sportsbay.org which scared Nagra and DISH out of hiding last year with a US lawsuit.
Discover a working Nagra application
Given the growing numbers of apps that facilitate access to pirated content, it’s not surprising that Nagra has a rolling program to identify and then disable as many apps as possible. Nagra appears to have launched a new app discovery program in the summer of 2019, dedicated to advocating for Alianza members in South America. Over the next year, he removed nearly 300 hacking apps; Global removal numbers are supposed to be much higher.
In the 12-month period between September 2020 and August 2021, Nagra reportedly continued to press. The data shows that it has suspended 318 streaming apps that offer free access to pirated content and an additional 275 that require payment to use – 593 in total. The most popular app with a million downloads was Cuevana 3 Premium, with copies found on APKCombo and perhaps surprisingly, Google Play.
A short excursion around Google Play and this week’s APKCombo shows several apps using similar brands, some with as many as 100,000 downloads but more with over 1,000. It seems that while removing hacking apps, hackers waste no time in bringing them back up again. other.
This raises the inevitable question – are these types of removals (no matter who takes them, anywhere in the world) targeting new apps each time or cosmetically different apps that use the same range of backend content? It is very difficult to identify every APK without analyzing each file, but while hackers react quickly, they are not that Rapid in developing new sources of streaming content.
Whac-a-Mole, Whac-a-Clone
What is clear now is that lower-level hackers are exceptionally good at renaming or renaming similar applications and re-uploading them to new URLs. It’s exactly the kind of behavior that a much needed “remove/stop” system might be able to handle, with “maybe” being the working word.
For example, data shows that a specific Cuevana 3 app was removed by one developer from APKCombo in response to a complaint. At the time, it had over a million downloads. While a quick scan of this specific application reveals that it is no longer located at the original URL, the problem has not gone away.
The same developer behind the previous “Premium” variant is currently offering “Plus” and “Pro” variants instead. These apps have different file sizes and different looks but overall, much of the same functionality. As a result, some may see this kind of resurrection as a win for the Pirates but there is a bigger picture to consider.
When a new app has to hack it from scratch after it’s been removed, it lacks the acknowledgment of the “1M+ download” next to its name, which means regaining momentum is even more difficult due to poor visibility and waning trust. Over time, this kind of disruption can also have an impact on developer morale, leading to less availability of infringing content.
As things stand, the classic whac-a-mole situation can’t be easily countered, but Nagra still enjoys huge success when it comes to removing offending streaming apps from several online platforms. The anti-piracy group’s work seems to break the strides of apps with large followings which means they have to rebuild their reputation, which takes time.
According to the data, Nagra sent 62 complaints to APK Combo in August 2021 and all 62 apps were removed – with a compliance rate of 100%. In the same month, 30 complaints were sent to Google Play and all 30 apps were removed. The perfect streak was extended when the online marketplace Aptoide received eight complaints and removed an equal number of apps.
46 complaints were submitted to another app repository, Download APK, and 45 complaints were removed. 25 complaints were sent to APK Pure but it only removed three apps that month. However, an action may have been taken during the next reporting period, which may have skewed the previous month’s results.
Share Pirate IPTV playlist
Another area that Nagra focuses on is IPTV playlist sharing. Most people are aware that IPTV services offer paid subscriptions, accessed via a portal with a dedicated decoder or via clickable .M3U/.M3U8 (playlist) files. These are compatible with many media players, VLC for example.
However, there are also many online communities where .M3U/.M3U8 playlist files (containing usernames and passwords for paid accounts) can be downloaded for free.
The reliability of these playlist files can vary widely, from not working at all or working for a short time, to offering thousands of channels in good quality for long periods of time. Without a cost, most people don’t complain but these lists are a growing problem for rights holders.
In a 24-month period between 2019 and 2021, Nagra removed nearly 9,500 of these types of playlists. In August 2021 alone, the company removed nearly 270 playlists that provided illegal access to more than 33,300 TV channels, movies, and TV shows — possibly even all three in some cases. While this does little to remove essential content, playlists provide an opportunity for intelligence gathering.
Not just a Whac-a-Mole
It’s interesting to note that Nagra doesn’t just remove playlists and apps, rinse and repeat them, ad nauseam. According to her reports, when apps and playlists are brought to the company’s attention as potentially violating, they are tested and then categorized according to functionality.
This means that if a legitimate app is found, it will be labeled as such and left alone in the future. Offending apps may still exist upon investigation. The apps seen before are categorized based on whether they are free to use or paid.
When new apps emerge, they undergo network traffic analysis in order to a) show that they are in fact infringing and b) track down the sources of the infringing content. Since many hacking apps use a fairly limited range of sources, identifying those vendors can be more useful than just hitting what are, in many cases, just apps that act as great web browsers.
So what about 404 process takedown claims?
As mentioned earlier, the official announcements regarding Operation 404 claim that 1,022 websites and 720 hacking apps have been taken down. The relevant authorities have not mentioned the names of the websites nor named a single application yet.
It’s certainly not unusual, but as the totals get bigger and bigger, one has to wonder what really lies behind the headline numbers.
Nagra’s numbers, which roughly coincide with the first wave of the 404 process and through what appears to be a third wave, show that nearly 600 apps were successfully deleted by the company. Whether these form part of the total of 720 apps mentioned by the authorities or should be added on top of that total is not clear.
In either case, it seems likely that this large size could only be maintained by iterating several functionally similar implementations. At least as far as we know, there are not many apps available in the market, at least those that have their own content sources.
Add to the mix that this project only covers a select group of rights holders’ content in one geographic area, the scale of the global challenge regarding all infringing applications should be a daunting prospect for rights holders right now. However, the challenge is not to stay away from it.
Over time, it’s likely that legislative changes will make it more difficult to revive apps, which means that when apps are removed, they’ll be less likely to reappear in the same place. Pirate apps won’t run out anytime soon, but over time the market is likely to get a lot more chaotic.
Rights holders aim for that and more. And as history has shown, they are in this for the long haul and will do whatever it takes.