Malware Purveyors Targeting Pirate Sites With Bogus DMCA Takedown Notices

from the tough-to-tell-who's-wearing-the-white-hats-atm dept

DMCA takedown abuse is nothing new. But it normally involves bogus takedown requests claiming copyright violations. TorrentFreak has uncovered a new form of abuse that involves the DMCA, but unlike normal copyright claims, doesn’t allow the target to contest the claims.

One of the most recent scams we’ve seen targets various popular game piracy sites, including gamestorrents.tv, fitgirl-repacks.site, freegogpcgames.com, crotorrents.com, nosteam.ro, pcgames-download.com and skidrowreloaded.com.

The notices in question are seemingly sent by prominent names in the gaming industry, such as Steam and Ubisoft. However, the sudden flurry of takedown requests appears to be initiated by scammers instead.

These scammers appear to be going after competitors. The entities behind this wave of bogus takedown notices are gaming Google’s search engine via DMCA notices. Much like shady characters trying to vanish unflattering news and blog posts from Google’s search results, these shady characters are trying to move their malicious sites higher in the rankings by targeting similar sites offering a similar selection of cracked software.

But rather than go with a straight copyright claim which could be contested and result in a reinstatement, the scammers are using another part of the DMCA — one that provides no adversarial process.

[T]he notices are not regular DMCA takedowns. Instead, they are notifications that the URLs circumvent technological protection measures such as DRM, which is separately covered in the DMCA.

“Google has been notified that the following URLs distribute copyright circumvention devices in violation of 17 U.S.C. § 1201,” Google informed the site owner.

“Please find attached the notice we received. There is no formal counter notification process available under US law for circumvention, so we have not reinstated these URLs. If you dispute that you are distributing circumvention devices, please reply with a further explanation.”

That’s the way the law works. Takedown notices claiming DRM circumvention (most pirated software involves some sort of circumvention) cannot be contested. Google is allowing replies in these cases, but what it’s doing isn’t mandated by law. Google, however, is obliged to comply with requests unless it feels the complaint isn’t legitimate. How strongly it feels sometimes depends on the manpower available… or the attention the issue is receiving elsewhere on the web.

The notices collected by TorrentFreak hardly seem legit, even with only a cursory review. They’re littered with typos and make unrealistic/absurd claims, like supposedly filing on behalf of Steam even though Steam doesn’t actually own or produce the game titles listed in the takedown notice.

As TorrentFreak notes, thousands of URLs have already been taken down, pushing malware-loaded sites higher in search listings. Internet users seeking free games now may find they’ve picked up bitcoin-mining hitchhikers after visiting these scammers’ sites.

The good news is Google is paying more attention to these takedown requests and has reinstated some URLs targeted by these malware purveyors. But the fact that this sort of search engine gaming is still effective is further proof the DMCA enables abuse by treating the accuser as inherently credible while limiting the options of those falsely accused.

Filed Under: , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Malware Purveyors Targeting Pirate Sites With Bogus DMCA Takedown Notices”

Subscribe: RSS Leave a comment
17 Comments
Christensonsays:

Anonymous Takedowns...

Pretty clearly, when bogus takedowns do bad things (how many of those?? lol) there need to be consequences for bad takedowns, or the bad takedowns need to be ignored.

Here, I’m anonymous, let me takedown everything! No recourse for your nice website there, and no consequences for me (you don’t even know my name, this came out of the NY public library), your website circumvents technical protection measures!

Seems to me the DMCA was written by lawyers who couldn’t imagine the system would be abused by a public that felt no consequences, or maybe a few lobbyists were rubbing their hands in anticipation.

Anonymoussays:

Re: Re:

What part of the DMCA requires anyone to filter search results? The law says “Nothing in this section shall enlarge or diminish any rights of free speech or the press for activities using consumer electronics, telecommunications, or computing products” and ” No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, ?”?what part does telling someone a URL violate?

Anonymoussays:

Re: Re: Re: Re:

*(1) Nothing in this section shall affect rights, remedies, limitations, or defenses to copyright infringement, including fair use, under this title.

(2) Nothing in this section shall enlarge or diminish vicarious or contributory liability for copyright infringement in connection with any technology, product, service, device, component, or part thereof.*

Literally right above the line you quoted… As for what parts of the DMCA require people to filter search results, well…

DMCA safe harbors for contributory copyright infringement (contributory copyright infringement including such things as telling other people how/where to gain unlawful access to copyrighted works) require that digital service providers have mechanisms to remove information published by third parties in response to legal notice that said information infringes copyright (DMCA takedown notices). This is not a requirement, as you pointed out, however the absence of these mechanisms is sufficient to remove the safe harbor status described in the DMCA, which would leave the digital service provider directly liable for that infringing content. Since few service providers are able/willing to take on this liability, most choose to remove such URLs.

Anonymoussays:

Re: Re: Re: Re: Re: Re:

contributory copyright infringement including such things as telling other people how/where to gain unlawful access to copyrighted works

Citation needed. The cases I’ve seen require much more than a string match; e.g. Grokster: "We hold that one who distributes a device with the object of promoting its use to infringe copyright, as shown by clear expression or other affirmative steps taken to foster infringement, is liable for the resulting acts of infringement by third parties." (Google does not take "affirmative steps".)

tomsays:

Re: Re:

Also, keep in mind the DMCA was created before the Internet became a common commodity. It was targeted more at folks copying VCR tapes, DVDs and selling satellite de-scramblers.

IIRC, there have been a tweak or two to address Internet issues but a lot of the law doesn’t really fit will in the Internet age.

Christensonsays:

Re: Re: Re: Re:

Just think:
The judiciary committee yesterday made fools of themselves not understanding how google, of all things, works!

And Hillary??? She can do e-mail on a blackberry but not a PC, according to reports.

P.S. Since I’m still anonymous, and still not personally liable in any way for my frauds taking down nice websites, here is my advertisement for my 100% no non-infringing uses denuvo-cracking computer with a nice GPU on it. Just insert the game, wait a few hours. (Oh, my, now you are really messed up!)

That One Guysays:

Re: Re: wow

‘All sites are equal. Some sites however are more equal than others.’

You could try, but unlike those that go after ‘minor’ sites you can be sure that anything aimed at a major agency/company would actually be manually reviewed, and even assuming it slipped through they would be able to get the takedown reversed.

Cray Z Amisays:

So those claims of pirate sites with malware are true...

And the stories you ran here denying that were/are not true.

Now, WHO does Techdirt blame? — DMCA, of course!

further proof the DMCA enables abuse by treating the accuser as inherently credible while limiting the options of those falsely accused.

First, "pirate" sites can’t be falsely accused. Details may be wrong, but they’re not innocent.

Second, in all law, first to make an accusation has advantage.

But it’s only due to Techdirt’s pro-pirate bias that this is seen as a problem. It’s a hoot for me!

It’s likely rival pirate sites which are doing this, because "piracy" now is not based on "sharing", but has turned commercial, brazenly gaining money by using the valuable products that others make (and without ever paying a cent for the content, key point of masnickism).

The commercial aspects justify more "draconian" enforcement too. You pirates are now supporting GREED, and it’s entirely unjustifiable greed because the sites don’t put a cent into prior or more production. Wake up and start respecting the law, giving rewards to those who actually make the products that you like, kids. — You in the West don’t even have excuse of can’t afford content. Maybe not ALL that you want, but you’re not starving. You are simply THIEVES by choice.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Report this ad??|??Hide Techdirt ads
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...
Older Stuff
12:25 Australian Privacy Commissioner Says 7-Eleven Broke Privacy Laws By Scanning Customers' Faces At Survey Kiosks (6)
10:50 Missouri Governor Doubles Down On 'View Source' Hacking Claim; PAC Now Fundraising Over This Bizarrely Stupid Claim (45)
10:45 Daily Deal: The All-in-One Microsoft, Cybersecurity, And Python Exam Prep Training Bundle (0)
09:43 Want To Understand Why U.S. Broadband Sucks? Look At Frontier Communications In Wisconsin, West Virginia (8)
05:36 Massachusetts College Decides Criticizing The Chinese Government Is Hate Speech, Suspends Conservative Student Group (71)
19:57 Le Tigre Sues Barry Mann To Stop Copyright Threats Over Song, Lights Barry Mann On Fire As Well (21)
16:07 Court Says City Of Baltimore's 'Heckler's Veto' Of An Anti-Catholic Rally Violates The First Amendment (15)
13:37 Two Years Later, Judge Finally Realizes That A CDN Provider Is Not Liable For Copyright Infringement On Websites (21)
12:19 Chicago Court Gets Its Prior Restraint On, Tells Police Union Head To STFU About City's Vaccine Mandate (158)
10:55 Verizon 'Visible' Wireless Accounts Hacked, Exploited To Buy New iPhones (8)
10:50 Daily Deal: The MacOS 11 Course (0)
07:55 Suing Social Media Sites Over Acts Of Terrorism Continues To Be A Losing Bet, As 11th Circuit Dumps Another Flawed Lawsuit (11)
02:51 Trump Announces His Own Social Network, 'Truth Social,' Which Says It Can Kick Off Users For Any Reason (And Already Is) (100)
19:51 Facebook AI Moderation Continues To Suck Because Moderation At Scale Is Impossible (26)
16:12 Content Moderation Case Studies: Snapchat Disables GIPHY Integration After Racist 'Sticker' Is Discovered (2018) (11)
13:54 Arlo Makes Live Customer Service A Luxury Option (8)
12:05 Delta Proudly Announces Its Participation In The DHS's Expanded Biometric Collection Program (5)
11:03 LinkedIn (Mostly) Exits China, Citing Escalating Demands For Censorship (14)
10:57 Daily Deal: The Python, Git, And YAML Bundle (0)
09:37 British Telecom Wants Netflix To Pay A Tax Simply Because Squid Game Is Popular (32)
06:41 Report: Client-Side Scanning Is An Insecure Nightmare Just Waiting To Be Exploited By Governments (35)
20:38 MLB In Talks To Offer Streaming For All Teams' Home Games In-Market Even Without A Cable Subscription (10)
15:55 Appeals Court Says Couple's Lawsuit Over Bogus Vehicle Forfeiture Can Continue (15)
13:30 Techdirt Podcast Episode 301: Scarcity, Abundance & NFTs (0)
12:03 Hollywood Is Betting On Filtering Mandates, But Working Copyright Algorithms Simply Don't Exist (66)
10:45 Introducing The Techdirt Insider Discord (4)
10:40 Daily Deal: The Dynamic 2021 DevOps Training Bundle (0)
09:29 Criminalizing Teens' Google Searches Is Just How The UK's Anti-Cybercrime Programs Roll (19)
06:29 Canon Sued For Disabling Printer Scanners When Devices Run Out Of Ink (41)
20:51 Copyright Law Discriminating Against The Blind Finally Struck Down By Court In South Africa (7)
More arrow