Devices consumers use to pirate digital copies and live streams of TV shows and movies appear also to be allowing for the theft of their owners' data in that Faustian bargain.

That is according to a nine-month probe by the Digital Citizens Alliance, which said that jailbroken Fire TV sticks and Kodi Boxes are being used by hackers to steal user names and passwords and breach networks.

The group has been hammering on the pirate-hacking connection for some time, producing a slick video last year to try and educate the public.

A study by bandwidth tracker Sandvine last year suggested that as much as 6% of all homes in North America had a Kodi open source media player in some form of content piracy mode.

Related: Fully Loaded Kodi Boxes Becoming Bigger Piracy Threat

The alliance has published its findings in a new report, Fishing in the Piracy Stream: Howthe Dark Web of Entertainment is Exposing Consumers to Harm. One harm is that users of piracy devices and apps are six times more likely to report issues with Malware, the alliance said.

“What the investigation shows is that as piracy shifts from websites and downloads to devices and apps, hackers are adapting and finding new ways to exploit consumers,” said Tom Galvin, executive director of Digital Citizens. “Consumers think these devices are like an Apple TV or Roku device, but they have a distinct difference: they have little to no incentive to protect their users. In other words, they are perfect for hackers.”

Related: Digital Citizens Alliance Warns of Pirate Facilitators

The group says its investigation, conducted in conjunction with cybersecurity firm Dark Wolfe Consulting, also uncovered a scheme to monetize stolen Netflix accounts.

Among the findings of the investigation were:

• Researchers found malware pre-loaded on apps used to illegally watch movies, sports, and other content

• Malware in the illicit ad-supported streaming app 'Mobdro' "forwarded the researcher’s WiFi network name and password to a server that appeared to be in Indonesia."

• That Malware "uploaded, without permission, 1.5 terabytes of data from the researcher’s device."

• Users of the illicit devices are abetting hackers by enabling them to bypass network security when the devices are connected directly to a home network.

• A scheme enabled "criminals" to pose as streaming sites, like Netflix, to gain illegal access to a legitimate subscription.

Among the alliance's proposed action items in the face of that hacking threat is for 1) consumer protection agencies--like the Federal Trade Commission, which has vowed to crack down on privacy violations--to warn consumers about the risks of illicit devices; 2) law enforcement to investigate and prosecute; and 3) digital marketplaces--eBay, Craigslist, Facebook--to ban the devices.

The alliance claims among its supporters, "health, pharmaceutical, and creative industries," the last which are obviously most affected by the aforementioned content piracy.

A group of streaming services and studios are taking legal aim at Setvnow, a subscription video service based in Florida that, they claim, is selling a package of TV channels, movies and other content illegally.

The complaint, filed in the United States District Court Central District of California, Western Division, comes way of a group that includes, Amazon, Netflix, Columbia Pictures, Disney, Paramount Pictures, Twentieth Century Fox, Universal City Studios, Universal and Warner Bros., over allegations that Setvnow is pirating content and “inducing mass infringement” of copyrighted material by packaging it into a service that could look legitimate to the untrained eye.

The service being targeted, called Set TV, is offering a lineup of more than 500 channels that starts at $20 per month (for up to three devices per account) via an app for Android TV boxes, Android phones, Amazon Fire TV devices and browsers. Set TV has also set up a way to deliver service using Kodi add-ons.

RELATED: ‘Fully-Loaded’ Kodi Boxes Becoming Bigger Piracy Threat

Set TV’s basic package of hundreds of channels includes BBC News, MSNBC, CNBC, ABC, CBS, HBO, Nickelodeon, A&E, Bravo, MTV, NBA TV, ESPN, among many others. In addition to selling the basic package on a month to month basis, Set TV is also selling discounted three-month, six-month and 12-month subscriptions.

RELATED: MPAA: Kodi Abusers Are Growing Video Piracy Threat

Set TV, which also sells a pre-loaded, internet-connected TV device for $89 that runs its service (called the SP-110), notes on its web site that it’s selling the service worldwide to anyone with an internet connection. In addition to selling the service directly, Set TV has also set up a reseller and affiliate program.

However, the plaintiffs claim that Setvnow is obtaining content and distributing it illegally.

“For the customers who use Setvnow, the service provides hallmarks of using authorized streaming services—a user-friendly interface and reliable access to popular content—but with a notable exception: the customers only pay money to Defendants, not to Plaintiffs and other content creators upon whose copyrighted works Defendants’ business depends,” the suit contends.

Setvnow has been asked for comment.

The Alliance for Creativity and Entertainment (ACE), a global coalition that identifies and coordinates strategies against alleged content pirates on behalf of partners that include the SVOD services and studios, said it filed the suit against the service and two individuals, Jason Labossiere, said to be the site operator and domain registrant of www.setvnow.com, and Nelson Johnson, a partner in Set Broadcast LLC.

ACE has also gone after other services it believes to be accessing and distributing content illegally, including TickBox (a preliminary injunction was handed down in mid-February) and Dragon Box that, ACE claims, used software tools to “scour the internet” for sources of infringing content and assembling them into illegal, paid video services.

ACE and its backers have been on the legal offensive amid a growing threat from a new class of video pirates that have become increasingly sophisticated via the use of fancy interfaces along with customer service infrastructures that help these illegal services appear legitimate to consumers.

RELATED: TV’s Scary New Threat (subscription required)

“The technology makes the presentation of these pirate sites look pretty slick and, maybe to the untrained eye, seem halfway legitimate,” James Assey, executive vice president at the NCTA – The Internet & Television Association, said in an interview for a Multichannel News feature story on the topic.

“This is a whole new source of content,” noted Jan van Voorn, executive vice president and chief of global content protection at the Motion Picture Association of America (MPAA). “Just going after the box sellers is not going to impact this whole range of players in this field.”

“It can be used anywhere in the world that has reasonable broadband penetration and speed,” Mark Mulready, vice president of cybersecurity services at Irdeto, said. “It’s a significant and growing threat.” 

The next wave of piracy has reached the shores of the pay TV industry, and it’s shaping up to be possibly the biggest, most threatening one yet.

Call it Video Piracy 3.0. It’s a leap beyond digital file-sharing using technologies such as BitTorrent, or the earlier use of illegal — and more localized — distributors of set-top smartcards and other forms of illegitimate physical media that were sold out of the backs of trucks or in darkened alleys.

The pay TV industry is now faced with a new, more sophisticated flotilla of pirates who can deliver movies, TV shows and linear digital TV feeds that have been snatched somewhere in the complicated distribution chain and relayed directly to consumers who are willing to take big risks just to save a buck.

This new ecosystem includes video streaming devices, but its power comes from a vast network of illegal sites and unauthorized software “add-ons,” and a repository of illegal subscription services. This multifaceted threat is also paired with easy-to-use interfaces that look and feel a lot like something one might find on a legitimate pay TV offering.

Still, a source of the threat can be traced to the growing distribution of so-called “fully-loaded” Kodi boxes. On its own, the Kodi application — previously known as the Xbox Media Center (due to a heritage that focused on Microsoft gaming consoles) — is not illegal or a piracy threat. Rather, Kodi is getting a bad rap when the open-source media player software, which can run on commodity streaming hardware, is paired with the aforementioned unofficial add-ons, creating criminal conduits that can connect the user to sources of illegal content.

Some of that content is coming in the form of illegal subscription services that replicate much of what one could get from a traditional pay TV offering for a tiny fraction of the price, or for free.

Fuel for Cord-Cutting

A greater shift of consumers to unlicensed video and TV streaming and services could also hasten a growing cord-cutting trend. In addition to adding fuel to the cord-cutting fire, this illegal activity also keeps revenue out of the pockets of the companies that are legitimately creating, licensing or distributing TV shows, movies and linear channels.

“The emergent threat is a migration to subscription-type models where it truly cannibalizes cable revenue,” Dan Deeth, manager of media and industry relations with Sandvine, a bandwidth-management specialist that has been keeping close tabs on the TV piracy trend, said.

Pirates have also become more brazen in how they obtain and redistribute their video signals. While some are simply taking an over-the-air TV signal and relaying via the internet, others are obtaining and redistributing content from legitimate set-top boxes.

This scenario, Deeth said, has spawned a dark market of sorts where pirates will trade and swap illegal digital channels with other pirates to help build and expand their illegal content networks. Ironically, some pirate providers have even watermarked their own channels.

That ecosystem has also created a massive number of moving targets that can stymie those that are trying to tamp down the threat.

“This is a whole new source of content,” Jan van Voorn, executive vice president and chief of global content protection at the Motion Picture Association of America (MPAA), said. “Just going after the box sellers is not going to impact this whole range of players in this field.”

Today’s piracy landscape — and the ecosystem underpinning it — is also increasingly more sophisticated and even more professional-looking in terms of how the theft of TV and other types of video services is executed.

There are flashy, brazen advertisements that tout how these fully-loaded devices can be used by consumers to easily obtain premium content, including movies that are still in theaters, for free. Several of these pirates have even built a customer care infrastructure that provides step-by-step instructions on how these illegal products work and help with troubleshooting when consumers get tripped up by a technology issue.

Though it’s not easy to get an exact fix on the financial impact of this new, growing threat, a recent analysis of data collected by Sandvine sheds some light on the extent of it. And the results are attention-grabbing.

Gauging the Threat

In a report last year that spotlighted the fully-loaded Kodi ecosystem and was based on a dataset of more than 250,000 anonymized homes representing North America, Sandvine estimated that 8.8% of homes have an active Kodi installation. Though the Kodi apps don’t generate a lot of data, Sandvine said detection within a household isn’t difficult because the “heartbeat” of Kodi traffic is easy to hear.

Because not all Kodi users are stealing unlicensed content or using the technology for illegitimate purposes, Sandvine took things a step further to examine streaming behavior alongside content sources that were associated with official and unofficial add-ons.

Sandvine said it determined that 68.6% of homes with Kodi devices also have unofficial add-ons configured to access unlicensed content. Extrapolating that math further, the data showed concluded that roughly 6% of all homes in North America have a Kodi device configured to access unlicensed content.

Though not everyone uses Kodi for nefarious means, there’s no denying its growing popularity.

Irdeto, a company that specializes in digital security, estimates that there are about 40 million active Kodi users.

“It can be used anywhere in the world that has reasonable broadband penetration and speed,” Mark Mulready, vice president of cybersecurity services at Irdeto, said. “It’s a significant and growing threat.”

Sandvine’s data, alongside some examples of piracy that was hitting regions such as the United Kingdom, was “eye-opening” to the cable industry, James Assey, executive vice president of the NCTA: The Internet & Television Association, said.

Theft and piracy is not a new focus to organizations like the NCTA, but the report made it clear that it was time for the cable industry to get smart about the situation in a coordinated way, he said.

The Cable & Telecommunications Association for Marketing, meanwhile, teamed with Magid last year on a Connected Consumer study that included some focus on the threat of fully-loaded Kodi boxes. Among its findings: the threat isn’t limited to millennials. Fully-loaded Kodi users also include a wider range of consumer groups and a general blend of cord-cutters, cord-nevers and even some traditional pay TV subscribers who aren’t particularly remorseful about accessing illegal content for their personal enjoyment because they are already putting some money into the pay TV “system.”

Targeting the Threat

The threat level this represents has also brought together a broad coalition of stakeholders, including programmers, studios, distributors and packagers of premium content, taking aim at the new wave of piracy as a unified front.

“There’s a much wider array of players that are interested in disrupting the pirates,” Assey said.

A prime example in this arena is The Alliance for Creativity and Entertainment (ACE), a global coalition that identifies and coordinates strategies against the makers of these fully-loaded Kodi boxes and helping to identify sites and applications that are feeding them streams of illegal content. NCTA itself is not a member, but ACE’s backers largely include content rightsholders such as Amazon Studios, AMC Networks, BBC Worldwide, CBS Corp., Hulu, HBO, Bell Media, Lionsgate, NBCUniversal, Netflix, Viacom, MGM, Sky, Sony Pictures, 20th Century Fox, The Walt Disney Co., Warner Bros. and Univision Communications.

The growth of piracy devices, add-ons and apps “is a serious emerging threat to the legal market place for content, including films, television shows, sports and news programs, as well as a potential danger to consumers by spreading malware,” an ACE official explained via email.

ACE members are already making some progress, in the form of legal action, in their fight against new or emerging threats to the businesses of distributors, programmers and studios.

Among its recent court-focused activities, ACE and a group of its members, including Universal Studios, Disney, 20th Century Fox, Paramount Pictures, Netflix, Amazon and Warner Bros., have been taking aim at two different-yet-similar services — TickBox and Dragonbox.

There has already been some success against these threats. In a preliminary injunction handed down Feb. 13, a U.S. District Court in Los Angeles ordered TickBox to halt providing access to unauthorized content via its devices and software.

The order called on TickBox to ensure that its launcher software did not link to any sources of known pirated content, and to update its launcher software to delete or disable any previously installed apps that link to pirated content.

The original complaints go into some great detail about how both TickBox and Dragon Box allegedly link users to vast amounts of copyrighted content for free. Both use what are described as user-friendly interfaces that work in tandem with software tools that “scour the internet” for sources of infringing content and deliver links to those infringing sources to their respective customers via Kodi media players with the illegal add-ons and plug-ins.

The content — accessible through online repositories, called “cyberlockers,” that host the pirated content or streaming sites that make unlicensed streams of video content available through an embedded media player — can include movies that are still in theaters, as well as linear TV feeds.

The complaints also hold that the sources of that content tend to be a moving target, but the software takes the hassle out of locating high-quality illegal versions. “As an easy to install and operate, plug-and-play device, TickBox TV offers its customers nearly instantaneous access to huge quantities of infringing content. All a customer needs is an Internet connection, a screen (computer monitor or television) and a TickBox TV device,” the complaint said.

To make the service easy to use, TickBox also provides videos with instructions on how to use the device to search for and access copyrighted material.

Per the Dragon Box/Dragon Media complaints, both filed with the U.S. District Court for the Central District of California, Western Division, the applications provide customers with a customized configuration of the Kodi media player and a curated selection of what it deems to be the most popular add-ons for accessing infringing content. In tandem with those add-ons (the complaint holds that there are more than 80 of them), content is also sorted into categories such as Sports, 4Kids, IPTV and TV Shows.

Citing information posted last December by Paul Christoforo, a defendant from Carlsbad, Calif., named in the Dragon Box case that sought more Dragon Box resellers, the service claimed to have more than 250,000 customers in all 50 U.S. states and in four countries. At the time, Dragon Box claimed to have 374 sellers.

ACE also stressed that lawsuits aren’t the only strategy being employed, as it also supports voluntary, private- sector initiatives aimed at reducing illicit conduct by coordinating with content creators, ad networks, payment processors, and domain registrars and registries, as well as search engines.

And there’s been some successes in other parts of the world. Last year, for example, Canada’s Federal Court of Appeal in Montreal upheld a ban that prevents the sale of fully loaded devices. That action came after several service providers, including Rogers Communications, Bell Canada and Vidéotron, took legal aim at sellers of preconfigured devices that enabled access to valuable, unlicensed content, TorrentFreak reported.

Also last year, the European Court of Justice also found that the streaming of copyrighted material via fully-loaded Kodi boxes and other similar types of media players is illegal in European Union member states.

And just last month, the hammer of law came down on a London man named Nayanesh Patel, who was allegedly selling loaded Kodi boxes that provided access to illegal broadcasts of English Premier League soccer matches on outlets such as eBay and Facebook. Patel reportedly was forced to pay a fine of £18,000 (approximately $25,000) and made to stop selling and distributing the devices.

Though lawsuits and other legal actions have helped in some instances, the use of forensic watermarking might also dissuade would-be pirates.

In a survey of 4,252 adults in the U.S., United Kingdom, and Hong Kong, YouGov, a data and analytics group, and video tech provider Edgeware found that about half of those surveyed who say they would watch pirated content would think again if they knew a program they were watching could be tracked back to its source using forensic watermarking.

An extremely troubling aspect of this new menace is that consumers don’t need much technical savvy to access and view illegal content. Installs are simple plug-and-plays that are backed up by slick user interfaces that point the user toward where to access illegal on-demand content and live TV feeds.

Ease of Use a Disturbing Driver

This new wave of digital pirates isn’t immune to disruption, but the simplicity of these illegal offerings are driving scale into this dark market, making it tough to contain.

“It’s very straightforward to use for anyone,” the MPAA’s van Voorn said. “They [the pirates] provide consumers with step-by-step instructions on how to program these boxes.”

Said NCTA’s Assey, “The technology makes the presentation of these pirate sites look pretty slick and, maybe to the untrained eye, seem halfway legitimate.”

Ease of availability was also the most cited reason to view pirated content, according to the YouGov/Edgeware study, which also found that 29% of respondents said they watched pirated content at least once a month.

And these illegal video and TV services are just the tip of the spear when it comes to problems they can create for consumers. They also expose consumers to other potential dangers from outside the realm of ill-gotten content. Individuals who use pirated video services might not be aware, for example, that part of the economic model for some of them is the distribution of malware on devices that can form a gateway to a whole host of other illegal activities and fraud.

As locking down the threat becomes increasingly important for those who are trying to enforce their content copyrights, Irdeto has been investing in crawling platforms that provide a real-time analysis of Kodi plug-ins, Mulready said.

“I would put Kodi as one of the main threats to the industry at the moment,” he said. “Overall Kodi usage, in terms of visits and active users, still seems to be growing and very popular.”

Sandvine, a maker of bandwidth management and network intelligence systems, issued a study finding that 6.5% of homes in North America are accessing illegal live TV services each month, estimating that the filching of that content could cost pay TV providers more than $4 billion in revenue this year.

In a new Global Internet Phenomena report dedicated to the video piracy trend, Sandvine said the threat comes from illegal services that replicate live TV services for about $10 per month, steeply undercutting the price of legitimate cable and satellite TV offerings. One example is NecroIPTV, a company based in Germany that takes payment for the provisioning of thousands of channels from around the globe.

Sandvine based its findings on data culled from its work with several North American service providers along with research of TV piracy services.

Sandvine’s study also fixated on the devices that consumers are using to obtain illegal content. Purpose-built set-top boxes/hardware that embed software that’s solely designed to access pirated TV streams is by far the main vehicle, at about 95%.

Behind that are so-called “fully-loaded” Kodi devices, including PCs and smartphones, that can be modified with unofficial add-ons that are capable of accessing pirate video services.

RELATED: ‘Fully-Loaded’ Kodi Boxes Becoming Bigger Piracy Threat (subscription required)

Sandvine also identified four key content categories that appear to be driving the growth of live TV piracy: premium programming, sports, news, and international/expatriate content.

More about Sandvine’s study, including the “phantom bandwidth problem” that illegal live TV services present to ISPs and consumers will be featured in the Nov. 6 issue of Broadcasting & Cable.

Video piracy is a global epidemic. From recording device-toting movie theater audiences to the behind-the-scenes torrent network manager (and ad salesperson), there isn’t a limit to the number of identities content thieves can assume. But to varying degrees, they’re united in their desire to swindle content producers — and consumers in many cases — and capitalize.

The advent of higher-quality resolution content like High Dynamic Range (HDR) is one of the latest opportunities for video pirates around the globe to target and exploit to their advantage, as the pirate source is most attractive to users (and their eyeballs).

Strategy Analytics predicts that annual worldwide sales of HDR-enabled TVs will reach 58 million units in 2020, with U.S. penetration of HDR TVs forecasted to reach nearly 25% of homes. The need to protect HDR content will intensify as more consumers obtain access to these devices — and subsequently this higher quality and valued content. Effective and efficient measures, however, are already in place so content owners and players can equip and protect themselves in the wake of this growing technology.

The content industry started adopting new systems to better secure its revenue when 4K-quality content was unveiled to the market — initially, on UHD Blu-ray Discs, and more recently on a wide variety of pay TV and over-the-top platforms. MovieLabs — a joint venture among the six Motion Picture Association of America (MPAA) studios — published the first version of its Specification for Enhanced Content Protection in 2013, which outlined a set of security recommendations for improving the security of the highest value audiovisual content regardless of delivery mechanism. Since then, the specifications have been tightened further. Content distribution partners should always use the most recent ones as their lodestar.

In discussing the challenges associated with HDR content, my co-author, Ron Wheeler, senior vice president of content protection and technology strategy at 20th Century Fox, told me that for companies whose business is to entertain viewers, innovation is key — including the latest picture quality evolution made possible with HDR.

However, better quality is just as attractive to pirates as to paying consumers. “Fox’s experience is that the moment a high-quality pirate source becomes available, it immediately becomes much more popular than lower-quality sources such as theater camcorders or ‘ordinary’ HD sources, and is, therefore, a bigger threat to our legitimate business. That makes it imperative that we do everything we can to protect that high-quality source from piracy as long as possible,” he said.

This is where forensic watermarking becomes a critical tool. The presence of a unique identifier for each piece of content makes retrieval a lot easier and enables content owners to easily identify the weak link in their distribution system. The ability to trace illicit redistribution to the original source makes it a very strong piracy deterrent, as content owners can strongly warn pirates, and even consumers watching an illegal stream, against the legal implications of accessing or sharing copyrighted content.

Equally if not more importantly, they can refer uploaders of the content to law enforcement authorities for investigation and prosecution, with attendant publicity that will make future would-be uploaders think twice. This deterrent effect has resulted in significant delays in piracy of high-quality sources in places where watermarking has been deployed, such as South Korea.
Studios are planning to offer HDR as a mass-market proposition by 2018, so content distributors need to implement or upgrade their protection arsenal now. By preparing for this growing pixel revolution, they can avoid the pitfalls of tech-savvy pirates using the latest specifications for content protection.

Mark Nakano is senior director of product marketing and partnerships at NexGuard; Ron Wheeler is senior vice president of content protection and technology strategy at 20th Century Fox.

HBO's Game of Thrones appears set to keep its crown as the most-pirated TV show as Sunday night’s season five finale set a new record of 1.5 million downloads in a span of eight hours, according to TorrentFreak, a site focused on file-sharing and privacy and copyright issues.

By comparison, it took about half a day last year for an episode of GoT to hit such a lofty piracy figure.

TorrentFreak said it expects that number to “swell to over 10 million during the days to come,” noting that the season finale also set a record for the number of people sharing a single file at the same time. At last check, TorrentFreak said 258,131 people were sharing a single torrent of the season five finale, with 181,075 sharing a complete copy of that particular torrent, with another 77,056 still in the process of downloading it.

The site said lower quality copies (480p) of the show remains the most popular among illegal downloaders, followed by copies in 720p and 1080p.

According to TorrentFreak, Game of Thrones has been the most pirated TV-show three years running, and is positioned for a fourth. 

Heading into season five, Irdeto likewise had GoT as the most-pirated show, finding that episodes from the first four seasons were downloaded more than 7 million times between February 5 and April 6, followed by AMC’s The Walking Dead (5.7 million illegal downloads), History’s Vikings (3.4 million) and Netflix’s House of Cards.

The premiere of the fourth season of HBO’s Game of Thrones didn’t just overwhelm the network's TV Everywhere app. It was also a massive magnet for pirates. 

Sunday night’s premiere set new records for digitally-pilfered versions of the episode, reported TorrentFreak, a site focused on file-sharing and privacy and copyright issues.

According to TorrentFreak, more than 1 million illegal copies were downloaded in just half a day. At its height this morning, more than 300,000 BitTorrent users were sharing the new episode,  the site said.

TorrentFreak pinned part of the piracy craze on HBO Go’s temporary outage Sunday night, noting that it “probably motivated some to look for unauthorized copies, which were widely available through dozens of torrent sites soon after the episode finished. Unlike HBO Go, downloads via BitTorrent actually benefit from the increased interest, which usually means that downloads finish faster.”

The season three finale of Game of Thrones was the most-pirated show of 2013, with an estimated 5.9 million downloads, according to TorrentFreak.

“[W]ith today’s numbers it is well on its way to securing the title for another year,” the site added.

A TorrentFreak sample of 18,333 IP addresses showed that Australia (11.6%) represented the country that was sharing the season four episode the most, followed by the U.S. (9.3%), the U.K. (5.8%), and Canada (5.2%).

On the legit end of the distribution spectrum, the episode pulled in a Nielsen overnight rating of 6.6 million viewers for the 9 p.m. showing, a 52% boost from the season three premiere and a 23% rise compared to the season three finale.