Digital watermark leads police straight to Bollywood pirates

Movie pirates have been running amok in recent months – hacking TV series and pre-release films from Netflix and Walt Disney and causing HBO to batten down the hatches with 2FA and to scupper paper scripts.

But for once, the law has scored a win. Instead of the FBI throwing up its hands and telling the studios to just pay the ransom, police have collared the pirates. As The Times of India reports, police arrested six people in India earlier this month, while one more managed to escape.

They apparently managed to track the extortionists to the specific theater where an HD print of the big hit – Bahubali: The Conclusion, which is reportedly taking the country by storm – had been unlocked with a digital key, illegally downloaded and held for ransom.

Torrent Freak explains that the movie was somehow marked forensically:

In most instances when movies are tracked in this manner, it’s because a watermark identifying the location has been transferred to a ‘cam’ copy. However, in this case the original ‘pirate’ copy had been made digitally. This meant that someone had managed to get hold of the encryption key used to decrypt titles subject to digital distribution.

One of the men arrested was Divakar Kumar, owner of Veena Cinema Hall at Tivhra in Begusarai. He confessed that the suspect who escaped arrest, Monu, had helped him copy the digital print of the movie with the digital key supplied by the distributor.

Two of the suspects are already known to police. In fact, they were arrested two years ago for pirating Bahubali: The Beginning, the first installment of the movie series.

If you eyeball the Bahubali series – the first movie is available in full on YouTube, as is the trailer for Conclusion – you’ll understand why they’re bait for film kidnappers and catnip for movie goers: they’re epic, blood-drenched, and Game of Thrones-like.

Speaking of which, the latest law enforcement win apparently stands alone in a season that’s held nothing but bad news for the studios.

Last month, Netflix refused to pay a ransom demanded by hackers who stole the next season of the hit series, Orange is the New Black. After Netflix balked, a hacker uploaded 10 episodes of the upcoming season to The Pirate Bay, six weeks ahead of the series’ official June 9 launch.

HBO apparently learned its lesson from that one: a week after Netflix’s run-in with content kidnappers, HBO told the cast of Game of Thrones to set up multifactor authentication. It also reportedly stopped sending out paper scripts. Instead, one of the stars said, the cast now has to look at the scripts digitally, and the studio is only sending them out to cast members who’ve enabled two-step verification (2SV) on their email accounts.

Last week also saw hackers claim to have commandeered the new blockbuster Pirates of the Caribbean movie from Walt Disney. They’re threatening to release it online unless the studio pays a ransom in bitcoin, according to Disney chief executive Bob Iger.

According to The Hollywood Reporter, about a half-dozen Hollywood agencies have also been targeted by extortionists recently. It’s overwhelming the FBI’s Los Angeles field office, which can’t properly investigate them all, sources told the news outlet.

Thus, according to The Hollywood Reporter’s industry sources, this has been the FBI’s surprising advice: pay the ransom.

You can see the Bureau’s rationale: the extortionists are asking what’s little more than a rounding error when you’re talking about Hollywood profits. The hackers have reportedly demanded less than $80,000 in each of the cases. One law enforcement source told The Hollywood Reporter that in California, losses would have to exceed $50,000 for the US Attorney’s office to bother with prosecution.

You can see why HBO’s rightfully paranoid. Winter is coming, says Game of Thrones character Ned Stark? No, it’s smack dab right here: the extortionists have already wrapped their cold claws around the studios’ winter stores!


from Naked Security – Sophos http://bit.ly/2q7Djjl
via IFTTT

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s