The European Commission is no stranger when it comes to addressing the online piracy problem.
Europe’s governing body facilitates piracy research and helps to arrange voluntary anti-piracy agreements. In addition, it releases its own bi-annual list of notorious pirate sites.
Most of these efforts aim to address external problems but this week we learned that the EU also has a piracy issue within its own ranks, one that deserves immediate attention.
Scammers Exploit European Union Websites
As it turns out, scammers have started to abuse the European Commission’s official website to advertise dubious ‘pirate’ sites. These advertisements come in the form of PDFs which are uploaded through public EU portals.
The abuse is broad and affects a variety of platforms. These include the Commission’s “Joinup” initiative which bills itself as the “one-stop shop for interoperable, open, and free digital government ICT solutions.”
Other sections of the official European Union site are also affected, including the European Union Observatory for Nanomaterials (EUON), the European Chemicals Society (ECHA), and the European community of adult learning professionals (EPALE).
Thousands of ‘Piracy’ Ads
TorrentFreak has found thousands of scammy PDF files on these sites that advertise ‘free’ access to copies of recent movies such as Black Adam, Nope, Enola Holmes, and Vesper. The documents are filled with keywords including the names of popular pirate sites such as 123movies and Fmovies.
One example is shown below, but there are many others in circulation, all inviting people to click on the image which has an embedded link.
“Are you looking to download or watch the new Nope online? Nope is available for Free Streaming 123movies. Nope full movie streaming is free here! Just click play below, and enjoy Nope streaming online – all without any registration or credit card required!”
The links we followed point to gatto.fun, which looks like a piracy site. However, streaming or downloading anything seems impossible. Instead, it redirects to other scammy URLs that are branded as malicious by several anti-virus companies.
It’s not uncommon for scammers to lure people with fake pirated content but these advertisements are not commonly seen on government websites.
The European Commission didn’t immediately respond to our request (see update at the bottom) for comment but is now aware of the problem since some of the PDFs have started to disappear. That said, plenty remain available at the time of writing.
It’s not immediately clear how the scammers uploaded these PDFs. It seems likely that they used public upload functionalities, instead of actually hacking the European Union sites.
The EU’s Joinup initiative currently informs visitors that it is no longer possible to create new accounts. This could in part be a temporary measure in response to the recent influx of scammers.
The scammers have struck gold by exploiting the EU websites. These official portals are seen as authoritative by search engines such as Google. As a result, the scammy PDFs are now among the top results for several piracy-related queries.
For example, when we searched for “watch vesper 2022 online for free” a scammy PDF on the European Chemicals Society website was the top result in Google.
How many people fall for these dubious advertisements is unknown. Most people will probably recognize the scams right away. Then again, it requires only a few victims to make it worthwhile for the scammers.
Update: A spokesperson for the European Commission informs us that they are aware of the issues.
“We have identified the origin of the incident. Concerned platform stakeholders have already taken the necessary measures such as removal of suspicious files and blocking further attempts for uploading them.”
“We are closely monitoring the situation and continue scanning websites for suspicious files. We cannot comment further on ongoing investigations.”
“On a general note, we must stress that we take cybersecurity very seriously and apply strict policies to protect our infrastructures, data and devices. We investigate every incident.”
TorrentFreak confirmed that the problem still persist. Some suspicious PDFs continue to get through today. Perhaps the Commission should consider an upload filter.