Disruption of CINEMAGOAL Piracy App
Italian authorities have successfully dismantled a piracy ecosystem centered around the CINEMAGOAL app, which provided unauthorized access to various streaming platforms, including Netflix, Disney+, and Spotify.
The CINEMAGOAL app used a stealthy approach, where customers installed the app on their devices, unlike typical IPTV service providers that openly market themselves online. During the large-scale anti-piracy operation called “Tutto Chiaro” (All Clear), Italian law enforcement conducted 100 searches across the country and seized materials to help investigators identify involved individuals and determine the amount of illegal profits.
Operation and Profit
According to Guardia di Finanza, the law enforcement agency operating under the Ministry of Economy and Finance, the operators of CINEMAGOAL likely made millions of euros from audiovisual piracy, unauthorized computer access, and computer fraud. The app connected directly to legitimate streaming platforms and authenticated using valid decryption codes fetched from foreign servers.
The system used virtual machines in Italy to capture valid authentication/decryption codes from legitimate subscriptions every 3 minutes and redistribute them to customers. These legitimate subscriptions were opened using false identification data on Sky, DAZN, Netflix, Disney+, and Spotify.
Advanced Security Bypass
Authorities highlight that CINEMAGOAL not only evaded blocks but also offered superior streaming quality, as users streamed content directly from the service rather than receiving a pirate stream, and masked customers’ real IP addresses. Guardia di Finanza explains that the system was "a highly advanced and previously unseen system that not only bypassed the security blocks implemented by the platforms, but also increased viewing quality, reducing the possibility that end users could be ‘intercepted’" by the control system.
“Access to the aforementioned application, in fact, did not involve the use of a connection directly attributable to a specific IP address, thereby providing greater shielding for the end user.”
International Cooperation and Seizure
In an action coordinated by Eurojust, police forces seized CINEMAGOAL servers in France and Germany that contained the app’s source code and functions for decoding protected streams. 200 financial police officers participated in the operation.
The illegal streaming business had more than 70 resellers, who sold annual subscriptions between €40 and €130 ($46-$150). Payments were made using cryptocurrency or to foreign bank accounts and accounts registered under fake names.
Estimated Damages and Penalties
It is estimated that CINEMAGOAL has caused damages of around €300 million ($347M) in unpaid subscription revenues over the time of its operation. Authorities are now analyzing seized material to identify all involved parties, including end users, and estimate total profits.
They have already identified many subscribers and sent penalties ranging from €154 to €5,000 ($179-$5,800) to the first 1,000 of them. The investigation into CINEMAGOAL is still in a preliminary phase, as specified by Guardia di Finanza.
Additional Action
During the same law enforcement action, an IPTV service known as “pezzotto” was also identified and dismantled.
- Netherlands seizes 800 servers of hosting firm enabling cyberattacks
- Police seize “First VPN” service used in ransomware, data theft attacks
- INTERPOL ‘Operation Ramz’ seizes 53 malware, phishing servers
- UK fines water supplier $1.3M for exposing data of 664k customers
- GM agrees to $12.75M California settlement over sale of drivers’ data
Source: BleepingComputer