[Case Study] Setting up an illegal streaming site #1

On one of the forum’s I’m subscribed too some guy posted an ad where he tried to sell an illegal streaming site for $25. I checked out the site, located the WordPress theme used and noticed that the theme license was worth more than the site itself.

Given that the guy claimed that the theme was legit and not nulled and also that he reduced the price to $15 I asked for more details and he told me that the theme might be with unlimited install licenses (the version that costs $1k) or might just as well be expired so because he has no use for it he’s going to let it go and he provided a screenshot of the member panel with the theme vendor to prove the theme was indeed legit.

I didn’t buy his story and neither did three folks more that asked about the same thing so eventually he offered the site at $10 and got the attention of someone that actually bought it.

Because movie streaming is becoming a popular niche nowadays in the blackhat field this story drew my attention so I decided to do a little bit of research. Apparently with the public torrent trackers going into a steep decline because of the malware, spam and exposure they represent both for the uploader and for the downloader a new niche is being formed around the movie and TV show piracy area.

Therefore I started with an attempt to identify which is the WordPress theme used on these sites and I ended up visiting MundoThemes, where I found the portfolio of a guy that’s been building some pretty neat WordPress themes and the vast majority of them are aimed for streaming sites (illegal or not).

After checking out each of them I noticed that the most widespread theme among illegal streaming sites (which seem to have also taken over the adult niche too) is Grifus, a theme which costs $60 on the developer site and which according to the counter on the theme page has been already purchased 1439 times.
grifus4

Using Google I was able to locate a volume of 161 active installations for Grifus, most of them associated with English and Latin illegal streaming sites. Out of curiosity I checked out the top 20 sites (by Alexa score) and learned some very interesting things:

  • 6 domains are registered with Namecheap, 4 with Public Domain Registry, 2 with Name.com and 2 with GoDaddy while the remainder are registered with different registrars;
  • 13 sites are routed via Cloudflare so their actual hosting provider cannot be determined with accuracy, while 4  of them are hosted on Namecheap and the remaining 3 with other provider;
  • 17 sites have private whois while 3 don’t;
  • the preferred domain extension remains .com, although the top 20 also includes a .tv, a .kim and a .link.

Needless to say that after reviewing the listing above I concluded that Namecheap is by far the most pirate friendly registrar and hosting provider. Besides, it’s hard to think otherwise when on Facebook they share news about pirate sites:

screen-shot-2016-10-04-at-17-40-09

But my curiosity didn’t just stop there as I’ve investigated the subject in depth and learned how to make a nearly bulletproof illegal streaming site. So the second part of this subject will cover my idea of making it happen. Stay tuned!