Malware Purveyors Targeting Pirate Sites With Bogus DMCA Takedown Notices

from the tough-to-tell-who's-wearing-the-white-hats-atm dept

DMCA takedown abuse is nothing new. But it normally involves bogus takedown requests claiming copyright violations. TorrentFreak has uncovered a new form of abuse that involves the DMCA, but unlike normal copyright claims, doesn't allow the target to contest the claims.

One of the most recent scams we’ve seen targets various popular game piracy sites, including gamestorrents.tv, fitgirl-repacks.site, freegogpcgames.com, crotorrents.com, nosteam.ro, pcgames-download.com and skidrowreloaded.com.

The notices in question are seemingly sent by prominent names in the gaming industry, such as Steam and Ubisoft. However, the sudden flurry of takedown requests appears to be initiated by scammers instead.

These scammers appear to be going after competitors. The entities behind this wave of bogus takedown notices are gaming Google's search engine via DMCA notices. Much like shady characters trying to vanish unflattering news and blog posts from Google's search results, these shady characters are trying to move their malicious sites higher in the rankings by targeting similar sites offering a similar selection of cracked software.

But rather than go with a straight copyright claim which could be contested and result in a reinstatement, the scammers are using another part of the DMCA -- one that provides no adversarial process.

[T]he notices are not regular DMCA takedowns. Instead, they are notifications that the URLs circumvent technological protection measures such as DRM, which is separately covered in the DMCA.

“Google has been notified that the following URLs distribute copyright circumvention devices in violation of 17 U.S.C. § 1201,” Google informed the site owner.

“Please find attached the notice we received. There is no formal counter notification process available under US law for circumvention, so we have not reinstated these URLs. If you dispute that you are distributing circumvention devices, please reply with a further explanation.”

That's the way the law works. Takedown notices claiming DRM circumvention (most pirated software involves some sort of circumvention) cannot be contested. Google is allowing replies in these cases, but what it's doing isn't mandated by law. Google, however, is obliged to comply with requests unless it feels the complaint isn't legitimate. How strongly it feels sometimes depends on the manpower available... or the attention the issue is receiving elsewhere on the web.

The notices collected by TorrentFreak hardly seem legit, even with only a cursory review. They're littered with typos and make unrealistic/absurd claims, like supposedly filing on behalf of Steam even though Steam doesn't actually own or produce the game titles listed in the takedown notice.

As TorrentFreak notes, thousands of URLs have already been taken down, pushing malware-loaded sites higher in search listings. Internet users seeking free games now may find they've picked up bitcoin-mining hitchhikers after visiting these scammers' sites.

The good news is Google is paying more attention to these takedown requests and has reinstated some URLs targeted by these malware purveyors. But the fact that this sort of search engine gaming is still effective is further proof the DMCA enables abuse by treating the accuser as inherently credible while limiting the options of those falsely accused.

Filed Under: competition, copyright, dmca, malware, takedowns


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Christenson, 12 Dec 2018 @ 11:54am

    Anonymous Takedowns...

    Pretty clearly, when bogus takedowns do bad things (how many of those?? lol) there need to be consequences for bad takedowns, or the bad takedowns need to be ignored.

    Here, I'm anonymous, let me takedown *everything*! No recourse for your nice website there, and no consequences for me (you don't even know my name, this came out of the NY public library), your website circumvents technical protection measures!

    Seems to me the DMCA was written by lawyers who couldn't imagine the system would be abused by a public that felt no consequences, or maybe a few lobbyists were rubbing their hands in anticipation.

    reply to this | link to this | view in chronology ]

    • icon
      ECA (profile), 12 Dec 2018 @ 12:03pm

      Re: Anonymous Takedowns...

      How to Prove it..
      Call the companies??
      And they will say what??(a few answers here)(WOW why didnt we think of that...is a good one)

      reply to this | link to this | view in chronology ]

      • icon
        ECA (profile), 12 Dec 2018 @ 12:05pm

        Re: Re: Anonymous Takedowns...

        REALLY..
        its a great idea...
        Get a 3rd party to send bogus DMCA notices..
        The companies and corps arent responsible..and if called(depending) they can say anything..

        After it works, with all the confusion..
        A bunch of persons get hit by Malware, and people will get abit Scared..

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Dec 2018 @ 11:59am

    "one that provides no adversarial process"

    So much for due process, you're guilty - the truth be damned.

    reply to this | link to this | view in chronology ]

  • icon
    Mason Wheeler (profile), 12 Dec 2018 @ 11:59am

    Wow, just when you think the DMCA can't get any worse! What were the lawmakers thinking when they created this part of the statute?

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 12 Dec 2018 @ 12:02pm

      Re:

      "What were the lawmakers thinking when they created this part of the statute?"

      They didn't, influential money did. Lawmakers do not write laws anymore, they take payment for allowing the wealthy to write the laws. No wonder the laws make no sense.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 12 Dec 2018 @ 1:39pm

      Re:

      What part of the DMCA requires anyone to filter search results? The law says "Nothing in this section shall enlarge or diminish any rights of free speech or the press for activities using consumer electronics, telecommunications, or computing products" and " No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, …"—what part does telling someone a URL violate?

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 12 Dec 2018 @ 4:12pm

        Re: Re:

        *(1) Nothing in this section shall affect rights, remedies, limitations, or defenses to copyright infringement, including fair use, under this title.

        (2) Nothing in this section shall enlarge or diminish vicarious or contributory liability for copyright infringement in connection with any technology, product, service, device, component, or part thereof.*

        Literally right above the line you quoted... As for what parts of the DMCA require people to filter search results, well...

        DMCA safe harbors for contributory copyright infringement (contributory copyright infringement including such things as telling other people how/where to gain unlawful access to copyrighted works) require that digital service providers have mechanisms to remove information published by third parties in response to legal notice that said information infringes copyright (DMCA takedown notices). This is not a requirement, as you pointed out, however the absence of these mechanisms is sufficient to remove the safe harbor status described in the DMCA, which would leave the digital service provider directly liable for that infringing content. Since few service providers are able/willing to take on this liability, most choose to remove such URLs.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 13 Dec 2018 @ 6:32am

          Re: Re: Re:

          contributory copyright infringement including such things as telling other people how/where to gain unlawful access to copyrighted works

          Citation needed. The cases I've seen require much more than a string match; e.g. Grokster: "We hold that one who distributes a device with the object of promoting its use to infringe copyright, as shown by clear expression or other affirmative steps taken to foster infringement, is liable for the resulting acts of infringement by third parties." (Google does not take "affirmative steps".)

          reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 12 Dec 2018 @ 2:44pm

      Re:

      'That's a feature, not a bug'.

      They were thinking that the law should be as entirely one-sided as possible, and in that case it's working just fine, thank you very much.

      reply to this | link to this | view in chronology ]

    • icon
      tom (profile), 12 Dec 2018 @ 3:22pm

      Re:

      Also, keep in mind the DMCA was created before the Internet became a common commodity. It was targeted more at folks copying VCR tapes, DVDs and selling satellite de-scramblers.

      IIRC, there have been a tweak or two to address Internet issues but a lot of the law doesn't really fit will in the Internet age.

      reply to this | link to this | view in chronology ]

      • identicon
        Christenson, 12 Dec 2018 @ 3:58pm

        Re: Re:

        Just think:
        The judiciary committee yesterday made fools of themselves not understanding how google, of all things, works!

        And Hillary??? She can do e-mail on a blackberry but not a PC, according to reports.

        P.S. Since I'm still anonymous, and still not personally liable in any way for my frauds taking down nice websites, here is my advertisement for my 100% no non-infringing uses denuvo-cracking computer with a nice GPU on it. Just insert the game, wait a few hours. (Oh, my, now you are really messed up!)

        reply to this | link to this | view in chronology ]

  • identicon
    stine, 12 Dec 2018 @ 6:28pm

    wow

    So, in theory, I can send one that would take down irs.gov?
    or microsoft.com? harvard.edu? I wonder if you could send one that would cause www.google.com to be taken down?

    The possibilities are endless.

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 12 Dec 2018 @ 9:02pm

      Re: wow

      'All sites are equal. Some sites however are more equal than others.'

      You could try, but unlike those that go after 'minor' sites you can be sure that anything aimed at a major agency/company would actually be manually reviewed, and even assuming it slipped through they would be able to get the takedown reversed.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Dec 2018 @ 7:16pm

    Just another of copyright's spawn

    Ain't it great?

    reply to this | link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
    identicon
    Cray Z Ami, 12 Dec 2018 @ 7:29pm

    So those claims of pirate sites with malware are true...

    And the stories you ran here denying that were/are not true.

    Now, WHO does Techdirt blame? -- DMCA, of course!

    further proof the DMCA enables abuse by treating the accuser as inherently credible while limiting the options of those falsely accused.

    First, "pirate" sites can't be falsely accused. Details may be wrong, but they're not innocent.

    Second, in all law, first to make an accusation has advantage.

    But it's only due to Techdirt's pro-pirate bias that this is seen as a problem. It's a hoot for me!

    It's likely rival pirate sites which are doing this, because "piracy" now is not based on "sharing", but has turned commercial, brazenly gaining money by using the valuable products that others make (and without ever paying a cent for the content, key point of masnickism).

    The commercial aspects justify more "draconian" enforcement too. You pirates are now supporting GREED, and it's entirely unjustifiable greed because the sites don't put a cent into prior or more production. Wake up and start respecting the law, giving rewards to those who actually make the products that you like, kids. -- You in the West don't even have excuse of can't afford content. Maybe not ALL that you want, but you're not starving. You are simply THIEVES by choice.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 13 Dec 2018 @ 1:37am

      Re:

      Malware purveyors are getting sites blocked with the DMCA, so the malware isn't on the sites themselves.

      Not only do you lose, but thanks for admitting once again copyright has to rely on shady, legally questionable means to get anything done.

      reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.