US Government Monitors: A Comprehensive List of Music Piracy Sites and Their Activities

Overview of the Notorious Markets List

Since 2011, the Office of the US Trade Representative (USTR) has been issuing an annual “Review of Notorious Markets for Counterfeiting and Piracy,” also known as the Notorious Markets List (NML).

The report aims to pressure governments, law enforcement agencies, and businesses to take actions against piracy. This initiative is backed by the US government, the world’s largest exporter of intellectual property, with $127.39 billion of IP exported in 2022, as per data from the World Intellectual Property Organization (WIPO). Germany and Japan follow, exporting $52.97 billion and $46.46 billion respectively.

Citing information from the Global Intellectual Property Center, the NML noted that piracy cost the US economy $29.2 billion in 2019 – a figure that includes physical markets as well as digital piracy.

This year’s NML emphasizes persistent concerns raised by music and other IP rightsholders: Stream-ripping sites, torrent indexing sites, illegal IPTV providers, and certain file-hosting services have been consistently flagged as critical elements in the online piracy mechanism.

An area that gained more attention this year was “Bulletproof” internet service providers and web hosting services that thrive by disregarding IP takedown notices, seemingly to attract those facilitating unauthorized content access.

“Bulletproof ISPs are known for terms of service that tend to explicitly advertise leniency in allowing customers to upload and distribute infringing content,” stated the NML, which can be read in full here. Rights holders indicated that reliance on these ISPs complicates efforts to remove infringing content.

“This is especially true when ISPs conceal their ownership and locations and are unresponsive to rights holders’ communications and takedown requests.”

Concerns Over Bulletproof ISPs

Among the contributors to the USTR were the Recording Industry Association of America (RIAA), which claimed that these ISPs “enable various types of criminality through leniency regarding the materials they allow to be uploaded and propagated through their networks, often disregarding notices of infringement or warning letters.”

This follows a series of lawsuits by music companies against other ISPs in recent years, which employed an experimental tactic by suing internet providers for insufficient action against piracy conducted by their users.

Notable targets of these lawsuits include Verizon, Altice, Charter Communications, and Grande Communications.

However, one of the most anticipated cases is that of Cox Communications. In 2018, Sony Music Entertainment, Warner Music Group, and Universal Music Group filed a lawsuit against Cox for repeated infringements affecting more than 10,000 musical works. A jury ruled in 2020, awarding the record labels approximately $1 billion, but the case is currently undergoing appeals and is slated for resolution by the US Supreme Court.

While this year’s NML covers concerns less pertinent to the music sector, like illicit online pharmacies and counterfeit medications, much of the report touches on subjects vital for music rights holders.

Identifying Key Piracy Mechanisms

The NML reviews the expansion of physical markets where counterfeit goods, including music media, are sold. Among these listings is Douyin Mall, an e-commerce platform akin to TikTok’s service in China.

Here’s a summarization of the most problematic services, platforms, and businesses that the USTR identifies as supporting piracy:

Identifying ‘bulletproof’ ISPs

Due to their questionable practices, bulletproof ISPs are often elusive in terms of identifying their locations and monitoring their infringing customers.

This year’s NML highlights various bulletproof ISPs and web hosting services, such as Squitter (also known as ABC Consultancy), which hosts numerous online piracy services.

The NML mentioned that Squitter’s domain registration suggests a possible Netherlands base, yet its physical address points to varying locations. Efforts to investigate have failed to uncover the actual locations of the site and its affiliates.

These services operate under multiple names, complicating tracking efforts. It was noted that Squitter has ignored thousands of takedown requests without responding to communications. An associated domain even marketed “DMCA ignored” as a feature.

Also called out in the NML is Amarutu (known as KoDDos), which claims that “(DMCA) messages will be forwarded to clients” with minimal action generally required. The NML observed that many major piracy sites utilize Amarutu’s services.

Another ISP targeted is DDoS-Guard, which is believed to operate from Russia and is recognized for its lack of response to takedown requests, thus hosting notorious cyberlockers and streaming sites offering pirated content.

Virtual Systems LLC, which seems to operate from Ukraine, provides services to over 5,000 infringing websites and IPTV services, many of which were highlighted in this NML.

“Virtual Systems is reported to offer ‘DMCA Ignored’ hosting services, ignoring countless takedown notices and failing to respond to communications,” the report emphasized.

Another flagged ISP is FlokiNET, which explicitly permits anonymous content hosting, requiring just a valid email address for clients, with servers based in Finland, Iceland, the Netherlands, and Romania.

Additional “bulletproof” ISPs listed by the RIAA include PRQ, founded by creators of the infamous torrent-sharing site The Pirate Bay, and Frantech Solutions/BuyVM, a Canadian provider using Luxembourg servers to leverage strong privacy laws.

Torrent indexing sites

These “bulletproof” ISPs represent only one facet of the digital landscape enabling piracy. The NML also identifies various torrent-indexing sites that grant users accessibility to torrent files for downloading and sharing infringing media.

Among the most notable is 1337X, classified as “one of the most visited pirate sites in Europe,” clocking 39 million visitors in August 2024 alone. Numerous countries have initiated blocking orders against it.

The notorious The Pirate Bay was also mentioned for remaining one of the most visited BitTorrent locations worldwide, utilizing reverse proxy services to obfuscate its hosting server locations despite multiple blocking attempts across various countries.

“A simple change in the country code or other top-level domain allows the site to reappear in top search results.”

Recording Industry Association of America

Another site mentioned is Torrent Galaxy, which surged in popularity following the shutdown of ExtraTorrent in 2018 and RARBG in 2023, receiving over 320 million visits since August 2023.

All three of these torrent sites were cited in RIAA’s submission to the US Trade Representative, demonstrating a clear organizational intent to infringe copyright protections by categorizing files in ways that unmistakably describe their content.

Additionally, the NML highlighted Rutracker, a popular Russian site requiring user registration to access, which had 34.2 million visits from 6.1 million unique users in August 2024.

Another major provider is YTS (YIFY), known for over 62,000 high-quality pirated movies available, frequently changing domains to steer clear of enforcement actions.

Cyberlockers

File-sharing isn’t the sole method for accessing pirated content; one of the simplest is utilizing file-hosting services, referred to as “cyberlockers,” which often permit the upload of pirated content for public download.

The NML documents several known cyberlockers, including 1fichier, with an alarming takedown request response rate of less than 17%, and Krakenfiles, identified as a significant source of pre-release music.

Others mentioned are Dbree, Ddownload, and Turbobit.

“Baidu has been the subject of several copyright infringement cases in China brought by other content distributors, but little progress is reported in enforcement.”

Office of the US Trade Representative

Particularly noteworthy is Baidu Wangpan, a cloud storage service from Baidu, China’s leading search engine.

“Users can share links to files stored on their accounts, leading to wide dissemination of infringing content via social media and other piracy linking sites,” the NML stated.

Baidu has previously faced multiple copyright infringement cases, yet owners report no significant changes in enforcement procedures.

IPTV (“pirate cable”) and streaming sites (“pirate Netflix”)

Illicit internet protocol TV (IPTV) services and streaming services are leading avenues for piracy. These services provide unlicensed content and resemble legitimate offerings like Netflix or Amazon Prime Video.

Among the largest culprits listed in the recent NML is GenIPTV, one of the world’s biggest illicit IPTV services, providing unlicensed access to 10,000 channels and over 50,000 copyrighted titles.

Another noteworthy mention is MagisTV, mainly focused on Latin America, providing access to on-demand TV shows, movies, and live sports.

The NML called out VK (Vkontakte), a Russia-based social networking site where users can share media files via an embedded player, reporting unsteady compliance with copyright requests since 2022.

“Many of these (streaming) services also permit unauthorized downloads of pre-release music, namely, tracks and albums that have yet to be publicly released.”

Recording Industry Association of America

The report flagged HiAnime (previously Aniwatch and Zoro.to) for its unregulated anime streaming, reporting 200 million visits in August 2024.

Significantly, the NML did not highlight many illegal streaming sites specifically dedicated to music, which the RIAA addressed separately, naming several targeted sites like Newalbumreleases.net, Intmusic.net, and Waploaded.com.

“Commonly, these sites also provide unauthorized downloads of pre-release music, including tracks and albums not yet commercially available,” the RIAA mentioned.

Stream-ripping

If you’ve ever wanted to download a YouTube video for offline viewing, bear in mind that this could infringe copyright laws. Stream-ripping primarily targets YouTube, widely regarded as the largest video platform, with Google resulting as a vital search avenue for such services.

“The music industry maintains a program to notify Google of stream-ripping sites,” the RIAA explained. “These sites may eventually see reduced search ranking due to these notices. However, operators of ripper sites have countered by generating new domain names to facilitate re-appearance in search results.”

This year’s NML highlighted two such services: SaveFrom (which has ceased operations in the US, UK, and Spain after rights holder pressure) and Y2Mate, which receives around 800 million annual visits.

“Some sources claim that (Snaptube) has been implicated in distributing malware, stealing user data, and illegitimately generating ad revenue.”

Recording Industry Association of America