[Most Recent Entries] [Calendar View]
Thursday, April 25th, 2019
| Time | Event |
| 8:35a | BREIN Goes After ‘Pirate’ Plex Share With Thousands of Movies and TV-Shows
Whether it’s movies, music, TV-shows, or photos, Plex can organize and index, making the content ready to stream on a wide variety of supported devices. The technology itself is content-neutral, which means that it can be used both legally and illegally. In this case illegally, due to the often copyright infringing content. Much like the Kodi platform, Plex seems to be rather popular among pirates. There are a variety of places where access to “Plex shares” are being offered, sometimes in exchange for a small fee. Those who sign up can then stream from a library of movies and TV-shows that’s regularly updated by the owner. While sharing a small Plex library privately with a few friends isn’t going to be noticed easily, things change when access to a treasure trove of pirated videos is offered in public places. This is what a Dutch Plex user learned the hard way. Earlier this week the man in question informed fellow Plex users on Tweakers that he was approached by local anti-piracy group BREIN, which had become aware that he was running a Plex share with 5,700 movies and 10,000 TV-shows. Since these were offered without permission, BREIN requested a €750 settlement plus an additional €500 for each day the share remained online. The user in question, who publicly stated that he downloaded the videos through Usenet and torrents sites, admitted his wrongdoing and swiftly complied. This is the first time we’ve seen this type of settlement with the owner of a Plex share, but it may not be the last. According to BREIN Director Tim Kuik, his organization keeps an eye on all kinds of piracy-related activity, also on Plex. “BREIN and its participants are alert on any kind of server being used to give unauthorized public access to content. In this matter we received information from a third party which enabled us to determine widespread infringement by the person in question,” Kuik informs TF. Interestingly, the audience of the Plex server, as described by BREIN, differs quite a bit from the user’s own account. The Plex user, who has removed his initial posting, said he shared with two friends and his parents. However, BREIN, which had an informant with access to the server, said the audience was substantially larger. In addition, it was being advertised in public places such as Discord and Reddit. “The customer base consisted of visitors who – for a fee or not – were given access to the media server’s library to view films and/or series,” the anti-piracy group wrote in an announcement. “Customers were also given the opportunity to submit requests for films and/or series that they would like to see, which were subsequently made available,” BREIN added.  BREIN’s statement is backed up by readers from Tweakers. In response to a news report, they posted links to Reddit posts that suggest that the user in question, or someone linked to this person, indeed offered his share with a much larger group. However, the user in question denied this. Whether the owner had just a few users on the Plex share or many more is ultimately irrelevant. The person in question admitted to downloading the files through torrents and Usenet, which in itself is against the law. The question remains how BREIN obtained the personal details that were used to send the registered letter. According to the user, the address in the letter contained a typo he made in his PayPal account. He also used a different name with PayPal, which was mentioned in the letter as well. This suggests that BREIN somehow received this information via the payment provider, but this remains unconfirmed. Plex doesn’t appear to be directly involved in the matter, as it generally informs users following copyright complaints, which hasn’t happened. We reached out to the company, which informed us that it respects user privacy as well as rightsholders’ rights. “We take our customers’ privacy extremely seriously. Per our terms of service and privacy policy, libraries are owned and managed by our customers, and we have no access to the contents of their files,” a Plex spokesperson informed TorrentFreak. “Our terms of service are very clear that we respect copyright holders’ rights and customers agree that they must have rights to the content in their libraries,” the company added. Finally, BREIN itself stresses that there’s nothing wrong with using Plex, as long as people do so legally. That is, using it to access files for which they have obtained permission. “It is permitted to use Plex with legally obtained material, as long as it’s for your own use,” the anti-piracy group notes. Those who share thousands of movies and TV-shows and share these in public, on the other hand, risk being caught at one point or another. Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons. |
| 4:01p | Mobdro Pirate Streaming App Slammed in Malware Report  In recent years, millions of users around the world have turned to Android-based applications for their piracy fix. They’re mostly free and easy to install, quickly providing access to the latest movies, TV shows, live sports, and PPV events. Entertainment industry groups have long insisted that users of these applications are putting themselves at risk of malware and similar issues, but it’s fairly uncommon for them to go into much detail. That changed today with the publication of a study carried out by the Digital Citizens Alliance in conjunction with network security company Dark Wolfe Consulting. Some of the key findings concern the popular live streaming application known as Mobdro. The researchers say that after installing the Android application, it forced an update and then forwarded their Wi-Fi name and password to a server that identified as being located in Asia. Mobdro then started to seek access to media content and other legitimate apps on the researchers’ network. “Researchers observed that the app that sent the user’s wireless name and password up to an external server in Indonesia then began probing the network and talking to any file-sharing services on the Local Area Network. It also ‘port knocked,’ a process to look for other active malware,” they write. “[A]fter the initial update, the device accepted commands from a threat actor. Those commands may come from the app itself or from the movie streams. With each selection of content, the user opens the door to a new set of commands and malicious payloads from a threat actor to a device in use.” It’s not explained how the video streams themselves could contain malware. Mobdro is believed to scrape the web for content, much like Kodi add-ons do, and security experts haven’t seen malware in video streams. However, the researchers state that the “commands in the apps or from the movie streams” were “either encrypted or encoded, making it difficult to analyze for infection.” It’s a vague statement that the study builds on, noting that encrypted commands could perform an update, retrieve malware, take part in a DDoS attack, or obtain files stored on the device or network – such as images, movies or documents. There’s little doubt that the behavior highlighted above is not something the average person would expect from a video streaming app. However, it should be noted that the Mobdro software actually asks the user to grant permission to their photos, media, files and device location. Most will blindly grant those permissions instead of declining, of course, and it sounds like the researchers followed that lead. Furthermore, in view of the researchers’ findings, it’s also worth highlighting the chaotic situation that surrounds Mobdro and many similar apps that facilitate access to illicit streams of movies and TV shows. Crucially, these aren’t allowed on official platforms like Google Play. So, where it was once pretty obvious where the ‘official’ app could be obtained, there are now a large number of ‘fake’ sites also offering ‘hacked’ variants of the software, any one of which could have experienced tampering. The researchers do not reveal the source of their installation files. Another point of interest is raised when the researchers note that the software they installed also makes it possible for a “threat actor” to log in to a user’s device and then navigate away from the device to the Internet, effectively posing as the user online. While this initially seems like a shocking claim, anyone who reads the official app’s EULA before installing the software will see for themselves that Mobdro is pretty upfront about this unpopular ‘feature’. Users of the software that choose not to see adverts find themselves agreeing to become peers on the (in)famous Luminati network, meaning that their bandwidth and IP address can indeed be used by others. It’s far from ideal (who wants their connections used by others apart from Hola users?) but the site that hosts the software makes this clear, to those who bother to read the small print at least. Which is probably very few people indeed, sadly. TorrentFreak requested comment from the operators of the official Mobdro client but at the time of publication, we were yet to hear back. The full report, ‘Fishing in the Piracy Stream: How the Dark Web of Entertainment is Exposing Consumers to Harm’ also contains information previously covered in earlier TorrentFreak articles. It can be found here (pdf)
Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons. |
Plex is a multifunctional media server that allows users to easily organize all their entertainment in one place. | << Previous Day |
2019/04/25 [Calendar] |
Next Day >> |