Last month anti-piracy initiative 'Operation 404' reportedly took down 226 websites and 461 piracy apps, a huge amount by any standard. With the dust settling this week, anti-piracy company Nagra provided more information on its role in the operation. That was timely because it leads to somewhat of a conundrum: how many apps have to be taken down before pirates simply run out?

BombOver the past four years, Brazilian authorities, entertainment industry groups and their anti-piracy partners have marked a new annual event.

Each year a new phase of ‘Operation 404’ takes place and champagne corks fly as hundreds of pirate sites and apps are taken down, blocked, or otherwise put out of action.

In 2022, a reported 226 websites and 461 piracy apps fell to Operation 404-4 due to the combined efforts of local authorities and their international partners. Even the US government stepped in to seize a few piracy domains last month.

Last year’s wave, Operation 404-3, either shut down or blocked 334 pirate sites plus 94 piracy apps. Operation 404-2 took place in 2020, leading to 252 pirate sites and 65 pirate streaming apps being handed the same fate. The inaugural phase of 2019 – the original Operation 404 – claimed 210 illegal websites and 100 illegal apps.

That’s a grand total of 1,022 websites and 720 pirate apps. A lot by any standard.

Nagra Says it Plays a Key Role in Operation 404
With the dust settling this week, anti-piracy company Nagra revealed that it was part of the large coalition that helped make the latest wave of Operation 404 happen.

The US company said it had been working with Latin American anti-piracy organization Alianza and had its anti-piracy operations team on the ground helping to coordinate, witness and capture the evidence last month.

“NAGRA has supported law enforcement for this kind of operations for more than two decades and has a worldwide reach for these types of operations,” said Pascal Métral, VP of legal affairs and head of anti-piracy intelligence, investigations and litigation for Nagra.

Nagra’s timing was spot on. A little while back we became aware of a discussion about Nagra’s work based on documents made publicly available on a regional website of an advertising regulation authority with offices across South America.

They show Nagra’s anti-piracy team playing what appears to be an important role in support of the core goals of Operation 404 – not just on one day, but a sustained effort over a much longer period of time. In 2017 we reported on Nagra’s operations tackling IPTV piracy and five years later, the company continues to press ahead.

Nagra’s Focus on Pirate IPTV Services and Apps
Nagra’s partner, the Alianza anti-piracy group, has several members including pay-TV operators DirecTV, Telefonica and SKY Brazil, pay-TV channel operators including Discovery, ESPN, Fox and Globosat, plus HBO and Spanish football league LaLiga.

Although absent from the image below, we understand that Alianza also cooperates with other anti-piracy partners including the Alliance for Creativity and Entertainment, the MPA, and the music industry’s IFPI.

alianza members
Mid-2021, Alianza presented a special Nagra report that revealed some of the most popular set-top boxes being advertised in South America, including those with live IPTV, VOD, and key-sharing capabilities – exactly the kinds of devices authorities describe as a threat to legitimate content markets.

The report also detailed what the companies believed to be the most popular pirate IPTV services in South America at the time – ultraiptv.org, latinosiptv.com, megaplay.app, and megaiptvlat.com. They sit at the top of a fairly long list and at the time of writing, all appear to be operating as normal, outside South America at least.

Also listed were the most popular regional pirate streaming websites at the time – futbollibre.net, rojadirectatv.tv, televisionlibre.net, extremotvplay.com and rojadirecta.me. Again, just the top five in yet another long list and all apparently functional, unlike Sportsbay.org which Nagra and DISH scared into hiding last year with a US lawsuit.

Nagra’s App Detection work
Considering the increasing numbers of apps facilitating access to pirated content, it’s no surprise that Nagra has a rolling program to identify and then disrupt as many as it can. Nagra appears to have launched a new app detection program in the summer of 2019, dedicated to defending Alianza’s members in South America. Over the next year it took down just short of 300 piracy apps; global takedown figures are presumably much higher.

In the 12-month period between September 2020 and August 2021, Nagra reportedly kept up the pressure. Data shows that it took down 318 streaming apps providing free access to pirated content and an additional 275 that required payment to use – 593 in total. The most popular app with one million downloads was Cuevana 3 Premium, with copies found on APKCombo and perhaps surprisingly, Google Play.

A short trip around Google Play and APKCombo this week shows many more apps using similar branding, some with as many as 100,000 downloads but even more with 1,000+. It appears that while pirate apps are being taken down, pirates aren’t wasting any time putting them back up again.

cuevana3
That raises the inevitable question – are these types of takedowns (no matter who actions them, wherever in the world) targeting new apps each time or cosmetically different apps using the same range of back-end content? Without analyzing every single APK it’s very hard to say but while pirates are quick to react, they aren’t that quick at developing new sources of streaming content.

Whac-a-Mole, Whac-a-Clone
What is obvious by now is that lower-level pirates are exceptionally good at renaming or rebranding similar apps and reuploading them to new URLs. It’s exactly the type of behavior the much-demanded ‘takedown/staydown’ regime might be able to address, with ‘might’ being the operative word.

For example, the data shows that a particular Cuevana 3 app by a single developer was taken down from APKCombo in response to a complaint. At the time it had in excess of 1,000,000 downloads. While a quick check for that specific app indeed reveals it’s no longer present on the original URL, the problem hasn’t gone away.

The same developer behind the earlier ‘Premium’ variant is currently offering ‘Plus’ and ‘Pro’ variants instead. These apps have varying file sizes and different looks but in broad terms, much of the same functionality. As a result, some might view this type of resurrection as a win for pirates but there is a bigger picture to factor in.

When a new app has to break through from scratch after being taken down, it lacks the kudos of a ‘1M+ download’ mark next to its name, meaning that regaining momentum is much more difficult due to lower visibility and diminished trust. Over time, this type of disruption can also have an effect on developer morale, leading to a reduction in the availability of infringing content.

cuevana 3 pro
As things stand, the classic whac-a-mole situation isn’t easily countered but Nagra still enjoys considerable success when it comes to removing infringing streaming apps from various online platforms. The anti-piracy group’s work appears to break the strides of apps with large followings meaning they have to rebuild their reputations, something that takes time.

According to the data, Nagra sent 62 complaints to APK Combo in August 2021 and all 62 apps were removed – a 100% compliance rate. In the same month, 30 complaints were sent to Google Play and all 30 apps were removed. The perfect streak was extended when online marketplace Aptoide received eight complaints and took down an equal number of apps.

Another app repository, Download APK, was sent 46 complaints and 45 were removed. APK Pure was sent 25 complaints but only removed three apps in that month. However, those may have been actioned during the next reporting period, potentially skewing the previous month’s results.

Pirate IPTV Playlist Sharing
Another area focused on by Nagra involves IPTV playlist sharing. Most people are aware that IPTV services offer paid subscriptions, accessed via a portal using a dedicated set-top box or via clickable .M3U/.M3U8 (playlist) files. These are compatible with many media players, VLC for example.

However, there are also many online communities where .M3U/.M3U8 playlist files (containing usernames and passwords to paid accounts) can be downloaded for free.

The reliability of these playlist files can vary dramatically, from not working at all or working for a short time, to offering thousands of channels in good quality for extended periods of time. At zero cost, most people don’t complain but these lists are a growing problem for rightsholders.

In a 24-month period between 2019 and 2021, Nagra took down almost 9,500 of these types of playlists. In August 2021 alone, the company took down close to 270 playlists providing illegal access to more than 33,300 TV channels, movies, and TV shows – perhaps even all three in some cases. While that does little to remove the underlying content, playlists present an opportunity for intelligence gathering.

Not Just a Game of Whac-a-Mole
It’s interesting to note that Nagra doesn’t just wildly take playlists and apps down, rinse and repeat, ad nauseam. According to its reports, when apps and playlists come to the company’s attention as potentially infringing, they are tested and then classified according to function.

This means that if a legitimate app is found, it will be categorized as such and left alone in the future. Infringing apps may also stay up when an investigation is underway. Apps that have been seen before are categorized based on whether they’re free to use or paid.

When new apps appear, they are subjected to a network traffic analysis in order to a) show they are indeed infringing and b) track down the sources of the infringing content. Since many pirate apps use a fairly limited range of sources, identifying those suppliers can be more useful than simply hitting what are, in many cases, just apps acting as fancy web browsers.

So What About the Takedown Claims of Operation 404?
As mentioned earlier, official announcements related to Operation 404 claim that 1,022 websites and 720 pirate apps have been taken down. The authorities involved don’t mention the names of the websites and thus far haven’t named a single app either.

That’s certainly not unusual but when the aggregated totals get bigger and bigger, one has to wonder what really lies behind the headline figures.

Nagra’s figures, roughly coinciding with the first wave of Operation 404 and through to what appears to be the third wave, show that roughly 600 apps were successfully taken down by the company. Whether these form part of the overall 720 apps mentioned by the authorities or should be added on top of that total is unclear.

Either way, it seems likely that this large volume can only be sustained by hitting multiple functionally-similar apps repeatedly. At least as far as we know, there just aren’t that many apps available in the market, at least ones that have their own content sources.

Add into the mix that this project covers only a specific set of rightsholders’ content in one geographic region, the scale of the global challenge in respect of all infringing apps must be a daunting prospect for rightsholders right now. The challenge isn’t being shied away from, however.

Over time it’s likely that legislative changes will make app resurrections much harder, meaning that when apps get taken down they’ll be less likely to pop back up again in the same place. Pirates won’t run out of apps anytime soon but over time it’s likely that the market will become much messier.

Rightsholders are aiming for that and more. And, as history has shown, they are in this for the long haul and will do whatever it takes.