Content Pirates Share Loot in Secure Messaging Apps

Tom KarygiannisAndroid, iOS, Piracy, Research

pirate cartoon

Spiderman is the most popular pirated movie shared through Secure Messaging Apps. Netflix has the most pirated titles while Disney titles have had over 5M views over a 3-month period.

As the Covid-19 pandemic forced movie theaters to close, movie studios are experimenting with new ways to reach audiences through a combination of theatrical releases, streaming services, spin-off made-for-TV shows, and mobile apps. Warner Brothers, for example, recently announced that it will release all its new 2021 movies simultaneously on the HBO Max streaming service. We also saw Quibi take a bold, but short-lived, step at storytelling on mobile phones in an effort to capture a new audience in the same way that TikTok has. Unlimited data plans and the availability of quality content through mobile apps have transformed the smartphone from a second screen to a direct competitor to TV for new audiences.

With billions of smartphones and mobile apps throughout the world sharing and collecting data about every user, they have become an irresistible data-rich target for criminals and nation states alike. Popular and trending topics, ranging from online voter registration to Covid-19 diagnostics, present scammers opportunities to capitalize on pop culture and political trends to create a never-ending flow of new scams. Knock-off games, insecure VPNs, data harvesting security apps, and keystroke loggers, are just a few examples of mobile apps that end up on unsuspecting users’ smartphones. Hate speech, disinformation, and deep fakes present a new wave of challenges for social media and messaging platforms. Official app stores and mobile app developers are continuously balancing political, law enforcement, public, and regulatory demands to meet privacy and security requirements, support freedom of speech, remove illegal content, and enforce the platform’s terms of use.

We took a look at the intersection of many of these issues playing out in secure messaging apps that are being used by content pirates to illegally share movies. Content piracy, like other online illegal activity, is an ever-evolving cat and mouse game. Some content is shared because the content pirates feel it is too expensive to purchase otherwise, they don’t consider it the same as stealing a physical object, and more often to make profit serving ads on top of the pirated content to fund other illegal activity. The messaging apps have to protect their users’ privacy and secure their data while at the same time enforcing the terms of use.

Over a three-month period, Kryptowire researchers were able to automatically identify hundreds of thousands of links to pirated movie content that were being shared through public channels in secure messaging apps. We discovered pirated content ranging from Black Panther to John Wick, from traditional movie studios like Disney and their Hulu subscription service, to Netflix and even to the now defunct Quibi. The most popular pirated movie in the secure messaging apps we analyzed was Spiderman, Disney led the pack with over 5 million movies viewed over the three-month period, while Netflix had the most pirated titles.

A summary of our results can be seen below.


Content piracy enabled by secure messaging apps is just one example of how some people will find ways to take advantage of new technologies to automate and scale their antisocial or criminal activities. Moderating hate speech, automatically identifying disinformation campaigns, and preventing inappropriate content from being viewed by children, are just a few other examples problems that need to be addressed by social media and messaging platforms. Mobile apps haven’t created these problems, they have just made it possible for them to be in everyone’s pocket.

Twenty years ago, LimeWire released a free peer-to-peer file sharing (P2P) client that was quickly adopted by content pirates to share music and movies “ripped” from Compact Discs (CD). Today, fans of video store (remember those?) magnate Johnny Rose can now stream the Emmy Award winning Schitt’s Creek to their smartphones and tablets that have more computing power than the desktops that used to run LimeWire. A lot has changed since LimeWire was released and new technologies have changed the ways we purchase and view content. Content pirates have adjusted to this new mobile landscape and they’re not alone.

In 2021 we can expect regulators to be taking a closer look at how mobile app developers, app platforms, and app stores enforce their terms of use while protecting the privacy of their users.