The operations of the piracy website “filmai.in” — whose domain is registered in Russia and whose data center locations are constantly changing — pose a threat not only to users’ personal data but also to the national security of Lithuania, according to Andrius Katinas, representative of the Radio and Television Commission of Lithuania (LRTK). According to the State Security Department (VSD), user data stolen through such websites may become a tool for hostile-state cyber groups targeting national institutions and strategically important companies.

A. Katinas, Head of the Market Participants Supervision Division at the LRTK, stated that the website’s domain has been registered in Russia for approximately five years, during which time the administrators have repeatedly changed the location of their data centers in an effort to conceal their illegal activities.

“Currently, the domain name is registered in Russia, but the website has not only its own domain name — it also uses servers and operational data centers where films are hosted. At present, the films are being hosted in Amsterdam,” he told ELTA.

“Over the past five years, ‘filmai.in’ has changed its data centers multiple times. According to the Commission’s calculations, this has already been done for the sixth time. This is intended to hide their digital ‘footprints.’ (...) Russia does not comply with European Union legal requirements or LRTK orders, which is why that country remains attractive to the website’s administrators,” A. Katinas added.

He also recalled that in 2021, a major leak of user data from the illegally operating website occurred. At that time, it was reported that cybercriminals had exposed the usernames, email addresses, and passwords of approximately 650,000 “filmai.in” users. According to A. Katinas, this data remains accessible on the dark web to this day.

“Although the data is several years old, it remains relevant because people rarely change their email addresses and passwords. For financial fraudsters, for example, such information is worth its weight in gold, as it serves as a starting point for illegal activities,” he noted.

The LRTK representative emphasized that it is only a matter of time before new customer data from the piracy website is leaked again. In addition, he warned that such piracy websites may contain malicious software capable of collecting user information without their knowledge.

“When more than 500,000 users’ data is leaked, this becomes not only a personal issue, but a national security issue. We at the LRTK view online copyright infringements, just like illegal IPTV operations, through the prism of cybersecurity,” said the Head of the LRTK Market Participants Supervision Division.

VSD: Personal Data Leaks Threaten State Institutions

According to the State Security Department, personal data leaks pose risks to the data security of state institutions and strategically important enterprises.

“Several dozen cyber activist groups linked to hostile states are operating against Lithuania and other Western countries. Data theft and publication are among the methods actively used by these groups, posing a threat not only to private individuals but also to the security of data belonging to state institutions and strategically significant companies,” the VSD stated in its response to ELTA.

The Department also stressed that residents should responsibly and critically assess the websites they visit and where they provide personal information.

“The State Security Department urges residents to familiarize themselves with safe behavior rules in the digital environment and to enter personal data into websites only after verifying their security and clear ownership,” the VSD emphasized.

According to A. Katinas, the LRTK has currently blocked more than 600 domain names and over 7,000 IP addresses involved in illegal IPTV activities. He also stressed that copyright infringements are often linked to the dissemination of disinformation, war propaganda, and hate speech.

ELTA reminds readers that in February of this year, the LRTK announced that, following monitoring activities, it had determined that the content of the website “filmai.in” and its related subdomains was accessible through an IP address network hosted by the Russian company “JSC IOT.” According to the LRTK, this infrastructure enabled the distribution of audiovisual programs whose dissemination is prohibited in Lithuania.

Text prepared by Karolina Navakauskaitė (ELTA).