Italy disrupts – Italian authorities say they dismantled the CINEMAGOAL piracy app, which they describe as an unusually stealthy system that pulled valid decryption and authentication codes from legitimate subscriptions every 3 minutes and replayed them to users. The operation
For users who believed they were just streaming, the CINEMAGOAL app felt simple. Install it, open the service, watch. But behind that ease. Italian authorities say the system was doing something far more targeted: it was reaching into legitimate streaming accounts and extracting the codes needed to make protected content play.
Italian law enforcement dismantled what it described as a piracy ecosystem built around the CINEMAGOAL app. which provided access to streaming platforms including Netflix. Disney+. and Spotify. Rather than operating like the IPTV services that openly advertise online. CINEMAGOAL used an app that customers installed on their own devices.
The disruption came through a large-scale anti-piracy operation called “Tutto Chiaro” (All Clear). During that effort, Italian authorities conducted 100 searches across the country and seized materials that investigators said could help identify individuals involved and quantify illegal profits.
Guardia di Finanza—an agency operating under the Ministry of Economy and Finance—said CINEMAGOAL operators likely made “millions of euros” from audiovisual piracy, unauthorized computer access, and computer fraud.
The core of the scheme, according to the enforcement account, was technical and time-driven. The CINEMAGOAL app connected directly to legitimate streaming platforms and authenticated using valid decryption codes fetched from foreign servers. Virtual machines in Italy were used to capture those valid authentication and decryption codes from legitimate subscriptions every 3 minutes. then redistribute them to customers.
Authorities also said those legitimate subscriptions were opened using false identification data on Sky, DAZN, Netflix, Disney+, and Spotify.
What makes the case stand out, investigators said, is that the app didn’t just slip past blocks. Guardia di Finanza described CINEMAGOAL as a “highly advanced and previously unseen system” that bypassed platform security measures while increasing viewing quality—reducing the chances that end users could be “intercepted” by the control systems.
The agency added that access to the application did not involve a connection attributable to a specific IP address, offering “greater shielding for the end user.”
As part of an action coordinated by Eurojust, police forces seized CINEMAGOAL servers in France and Germany. Those servers, authorities said, contained the app’s source code and functions used to decode protected streams. The operation involved 200 financial police officers.
CINEMAGOAL’s distribution network, investigators say, stretched beyond the app itself. They described more than 70 resellers selling annual subscriptions priced between €40 and €130 (with a converted range of $46 to $150).
Authorities said payments were made using cryptocurrency or to foreign bank accounts, including accounts registered under fake names.
The financial impact presented by investigators is large. It is estimated that CINEMAGOAL caused damages of around €300 million ($347M) in unpaid subscription revenues over the time of its operation.
Now, investigators say they are analyzing seized materials to identify everyone involved—including end users—and estimate total profits. Guardia di Finanza said the probe is still in a preliminary phase.
Even so, authorities reported that they have already identified many subscribers and sent penalties ranging from €154 to €5,000 ($179 to $5,800) to the first 1,000 subscribers.
The wider crackdown also caught another piracy business. During the same law enforcement action, an IPTV service known as “pezzotto” was identified and dismantled.
CINEMAGOAL Italy anti piracy Tutto Chiaro Guardia di Finanza Eurojust streaming piracy Netflix Disney+ DAZN Sky Spotify decryption codes authentication codes cryptocurrency payments IPTV pezzotto
Good, stop the code stealing stuff.
So they were basically cloning Netflix/Disney+ logins every 3 minutes? That sounds like some TV magic lol. I don’t get how people didn’t just get hacked too.
I mean… if the app used valid codes from legit subscriptions, doesn’t that mean Netflix/Disney+ security is kinda weak? Like why are foreign servers holding decryption codes anyway. Feels like the companies are to blame more than the users.
Every 3 minutes?? That’s actually wild. Also “false identification data on Sky, DAZN, Netflix…” like couldn’t they just close those accounts? And Spotify too?? I saw this and thought it was about streaming quality at first, like buffering issues or something. Millions of euros though, so I guess it wasn’t just a shady app, it was like a whole hustle.