Last week law enforcement agencies in Europe shut down Mobdro, now described as the world’s largest pirate IPTV app. At least in part, Mobdro raised revenue by giving its users the option to have their devices join the Luminati proxy network. According to Luminati’s CEO, the company was completely unaware of the investigation.
Last Tuesday, the European Union Agency for Criminal Justice Cooperation (Eurojust) reported that police had made one arrest and detained three people for questioning in connection with the pirate streaming app Mobdro.
As one of the newer breeds of standalone piracy apps, Mobdro offered live TV, sports channels and 24/7 content presented in an easy-to-use interface.
Over the years Mobdro’s popularity sky-rocketed although there appears to be a disagreement among law enforcement agencies on the exact number of users.
On March 10, Eurojust said that 43 million users had downloaded the app yet a day later, Europol more than doubled that estimate to 100 million users. Either way, Mobdro was huge and in a developing case, there is more to report.
Europol now says that after three house searches (two in Spain, one in Andorra) four people were arrested and 20 domains were blocked under the authority of four court orders. In addition, bank accounts containing unspecified sums of money were frozen.
Mobdro Revenue Generation
One thing that both Eurojust and Europol agree on is the amount of money believed to have been generated by Mobdro. According to both agencies, the people behind the app made more than €5 million in illegal profits. Eurojust doesn’t say where that revenue came from but Europol is prepared to offer more detail.
“The Spanish company behind the illegal activity earned its profits through advertisements,” Europol confirms.
While any number of advertising companies could have been working with Mobdro, that wasn’t the only way the app generated income. As reported in April 2019, Mobdro was criticized in a security study for including a system that made it possible for a “threat actor” to log in to a user’s device and then navigate away from the device to the Internet, effectively posing as the user online.
While this sounds scary, this was actually a ‘feature’ that Mobdro users opted into, to avoid seeing any advertising in the app. Users who made that choice found themselves being asked to consent to a EULA before their idle devices could be utilized by the Luminati proxy network. From there on in, their IP addresses and bandwidth could be used by others, as per the agreement.
Europol doesn’t mention Luminati by name but the use of certain terminology piqued our interest.
“Through the computer infrastructure and power, [the operators of Mobdro] were able to sell user information to a company related to botnet and DDoS attacks,” Europol explains.
Given that an industry-funded study had already highlighted that Mobdro used Luminati, and that earlier reports indicated that Luminati’s network had been illegally used to launch a DDoS attack, it seems likely that Europol is talking about Luminati.
The big questions, then, are whether Luminati appreciates this characterization and whether it is now part of the criminal investigation into Mobdro.
Luminati Was “Not Aware” Of Mobdro Investigation
“Luminati is not currently and has not been in any way involved in the law enforcement investigation against Mobdro. In fact, we were not aware of the reported investigation until recent press coverage,” Luminati CEO Or Lenchner informs TorrentFreak.
“We have zero tolerance to illegal activities. When it came to our attention that Mobdro (a publisher which was using our commercial SDK) had been subject to a law enforcement investigation for alleged copyright infringement, we suspended their right to use our SDK.”
It’s not clear how many of Mobdro’s users (Eurojust says 43 million, Europol 100 million) chose to remove ads and join Luminati but even just a small percentage would’ve added significant numbers of IP addresses to the Isreal-based company’s network.
According to Lenchner, this would not be connected to illegal activity. Luminati provides services to Fortune 500, academic, and public sector organizations for entirely legal end-uses.
“Luminati’s SDK is in no way connected to the alleged copyright infringement, as should be the case for any other SDKs that Mobdro was using,” he explains.
“App publishers offer their customers to join the Luminati proxy network in return for using their app without advertising, thus enabling them to have a better user experience.
“Publishers choose Luminati because an improved user experience leads to increased engagement. Enterprises use Luminati’s proxy network to collect open/public information on the Web such as product pricing, for ad verification and for fraud prevention.”
Lenchner says that any users who opted to join the Luminati proxy network are protected by a “stringent and compliant KYC (Know Your Customer) process.” Luminati’s CEO says no data is collected about these users and their connections were only used for “pre-approved business/use cases.”
In the event that any users of Mobdro clicked the EULA without reading it, they are able to review what their connections could have been used for here.
Many thanks to TorrentFreak for the breaking news.