The Internet is littered with shady IPTV services that offer a lot, for very little money.
These deals often seem too good to be true and in most cases they are; at least for those who prefer to stay on the right side of the law.
Pirate IPTV Raid
This week, Dutch fiscal police (FIOD) landed a major success in the battle against this type of piracy by shutting down one of Europe’s largest IPTV operations. This wasn’t just a random target either. The operation presumably offered its services to countless smaller IPTV sellers, which served over a million subscribers.
Little detail was released about the main defendants but authorities report that four people were arrested. The available information also suggests that GLOBE Datacenter was a key target. This makes sense as its website and network have been offline for two days now, downtime matched by the company’s Twitter feed.
Speaking with TorrentFreak, FIOD confirmed that it won’t release any names of suspects at this point. However, police say that 1,200 servers were intentionally taken offline at a data center, which was allegedly operated by one of the main suspects.
While IPTV raids are not rare, we seldom see an entire commercial data center taken offline in the process. This would suggest that police had information that the hardware and network were almost exclusively used to facilitate the alleged criminal activity.
Legitimate Businesses go Offline
Looking at the sites that were hosted on GLOBE’s autonomous system number (AS212708), we indeed see many IPTV-related domains and IP-addresses. These include nextiptv.org, iptvextrema.com, mercuryiptv.com and many others.
There are some clear outliers too, including local businesses such as a vacation rental park, painters, a dentist, a pedicure salon, a crane company, and a typically Dutch flower bulbs seller. These and many other sites became unreachable and are still offline today.
Needless to say, these businesses are not suspects in any way. The sites were hosted on a shared IP-address – assigned to a smaller ‘local’ hosting company – that happened to use GLOBE’s infrastructure. Unfortunately, the damage is real.
Real Companies, Real Trouble
TorrentFreak spoke to a representative of one of the companies involved, who confirmed that its website was taken down in the raid. This understandably caused a lot of issues, as customers and clients often visit a company’s website to get in touch or make a booking.
From what we can see, the fallout is relatively contained to a few dozen domains. That said, those who are affected still have to deal with the fallout. For several companies, email accounts stopped working as well, causing more issues.
When confronted with this collateral damage, a FIOD spokesperson initially told us that unrelated sites were not supposed to be hit. We were asked us to compile a list of affected websites which we sent via email yesterday. This list actually wasn’t hard to find using public information.
One of the affected companies informed us today that they were approached by FIOD after the raid, but it’s unclear if and how the situation will be resolved. We approached FIOD for comment and received a response shortly before publication.
Fiscal Police Responds
FIOD and the prosecution service (OM) confirmed that the data center was in large part used for illegal purposes. It appears that one of the employees, a suspect in this case, also operated a hosting company for small and mid-sized companies (SMEs).
“The decision to shut down the data center in question was prompted by the fact that our investigation showed that the majority of the data center consisted of illegal (video streaming) services. On-site investigations confirmed this,” FIOD’s spokesperson says.
“One of the employees of the data center, also a suspect in the investigation, apparently had the additional function of providing IT services to SMEs. These companies are the victims of the aforementioned illegal main function of the data center, on which FIOD and OM had to act.”
The data of the innocent companies has not been seized and FIOD encourages the GLOBE employee who operated their hosting company to assist in the recovery of the affected websites.
“FIOD and OM do their best to ensure that the relevant SMEs have access to their data. The servers on which this data is stored are not seized. FIOD and OM also encourage the aforementioned employee from the data center to represent the interests of these companies,” the FIOD spokesperson said.
When hundreds of servers are taken offline it is hard to completely rule out collateral damage. The same happened when The Pirate Bay and Megaupload were raided. In this case, however, it seems that more research could have potentially prevented some of the fallout.