Home > Security > Security News

FMovies Pirate Website Linked to Global Infostealer Activity

Published
Written by:
Lore Apostol
Lore Apostol
Cybersecurity Writer
Infostealer Movie Play Icon

The now-defunct FMovies piracy site, once the world’s most popular platform for illegal movie streaming, has been strongly linked to global infostealer activity impacting more than 15,000 users, according to a recent investigation. 

Findings on FMovies and Infostealers  

Data from Hudson Rock’s monitoring platform shows that over 32.2 million devices globally have been infected with infostealers, alongside 4.8 million compromised corporate accounts. 

Alarmingly, some infections originating from piracy-related vectors, like FMovies, remain undetected for extended periods, posing long-term risks to users and businesses alike.  

FMovies pirate website was linked to over 30,000 infostealer infections
FMovies pirate website was linked to over 30,000 infostealer infections | Source: Hudson Rock via TorrentFreak

A recent report reveals that FMovies played a significant role in spreading infostealer malware, which siphons sensitive user data, including personal credentials, payment details, and session cookies. 

FMovies pirate website primary infection vectors were malvertising, JS injector on ads, and cookie theft
FMovies pirate website primary infection vectors were malvertising, JS injector on ads, and cookie theft | Source: Hudson Rock via TorrentFreak 

The Hudson Rock analysis reports 30,348 Lumma, StealC, Vidar, Raccoon, and RedLine infections impacting 15,286 users. In total, 10,000+ passwords were leaked, with only 12.9% labeled as strong.

FMovies was labeled as a credential theft platform
FMovies was labeled as a credential theft platform | Source: Hudson Rock via TorrentFreak

The pirate website targeted cookies for session hijacking, bypassing MFA on weak sites, and free account access. Fake “Play now” or “Watch free” buttons were used to redirect to malware networks or droppers.

Malvertising redirecting URL was found on a pirate website
Malvertising redirecting URL was found on a pirate website | Source: Microsoft

A large-scale malvertising campaign was seen in early December 2024 that Microsoft Threat Intelligence now believes infected one million devices for data theft. 

FMovies Shutdown  

The pirate website was dismantled in August 2024. In November, the FMovies operator confessed to the charges and faced prosecution, along with his accomplice. Meanwhile, in May, the indicted FMovies operators received suspended prison sentences.

Add a Comment
Related
Dell Data Breach
Dell Solution Center Test Lab Breach, Linked to World Leaks Extortion Group Attack
Microsoft SharePoint Vulnerability
Microsoft Issues Critical Alert on SharePoint Server Flaws CVE-2025-53770 and CVE-2025-53771
Alaska Airlines
Alaska Airlines IT Outage Grounds Flights Across Fleet, Possibly Due to Ransomware Attack
Argentina Police Hacker
Argentine Police Foil Multiple Hacking Attempts, Extortion Plot and Efforts to Steal Case Files
Login Page Hacker
Seed of Deceit: PoisonSeed Tricks Users Out of FIDO2, Redirects Microsoft, Google and Okta Logins to Phishing Pages
WordPress Redirect Malware Exploits Google Tag Manager, Leading to Spam Domains
Most Popular
Dell Data Breach
Dell Solution Center Test Lab Breach, Linked to World Leaks Extortion Group Attack
Microsoft SharePoint Vulnerability
Microsoft Issues Critical Alert on SharePoint Server Flaws CVE-2025-53770 and CVE-2025-53771
Alaska Airlines
Alaska Airlines IT Outage Grounds Flights Across Fleet, Possibly Due to Ransomware Attack
Argentina Police Hacker
Argentine Police Foil Multiple Hacking Attempts, Extortion Plot and Efforts to Steal Case Files
Login Page Hacker
Seed of Deceit: PoisonSeed Tricks Users Out of FIDO2, Redirects Microsoft, Google and Okta Logins to Phishing Pages
ExpressVPN Fixes Windows App Bug Affecting RDP Traffic Routing
ExpressVPN Fixes Windows App Bug Affecting RDP Traffic Routing
Dell Solution Center Test Lab Breach, Linked to World Leaks Extortion Group Attack
Microsoft Issues Critical Alert on SharePoint Server Flaws CVE-2025-53770 and CVE-2025-53771
Alaska Airlines IT Outage Grounds Flights Across Fleet, Possibly Due to Ransomware Attack
Argentine Police Foil Multiple Hacking Attempts, Extortion Plot and Efforts to Steal Case Files
Seed of Deceit: PoisonSeed Tricks Users Out of FIDO2, Redirects Microsoft, Google and Okta Logins to Phishing Pages
ExpressVPN Fixes Windows App Bug Affecting RDP Traffic Routing

Most Popular
Dell Data Breach
Dell Solution Center Test Lab Breach, Linked to World Leaks Extortion Group Attack
Microsoft SharePoint Vulnerability
Microsoft Issues Critical Alert on SharePoint Server Flaws CVE-2025-53770 and CVE-2025-53771
Alaska Airlines
Alaska Airlines IT Outage Grounds Flights Across Fleet, Possibly Due to Ransomware Attack
Argentina Police Hacker
Argentine Police Foil Multiple Hacking Attempts, Extortion Plot and Efforts to Steal Case Files
Login Page Hacker
Seed of Deceit: PoisonSeed Tricks Users Out of FIDO2, Redirects Microsoft, Google and Okta Logins to Phishing Pages
ExpressVPN Fixes Windows App Bug Affecting RDP Traffic Routing
ExpressVPN Fixes Windows App Bug Affecting RDP Traffic Routing
Dell Solution Center Test Lab Breach, Linked to World Leaks Extortion Group Attack
Microsoft Issues Critical Alert on SharePoint Server Flaws CVE-2025-53770 and CVE-2025-53771
Alaska Airlines IT Outage Grounds Flights Across Fleet, Possibly Due to Ransomware Attack
Argentine Police Foil Multiple Hacking Attempts, Extortion Plot and Efforts to Steal Case Files
Seed of Deceit: PoisonSeed Tricks Users Out of FIDO2, Redirects Microsoft, Google and Okta Logins to Phishing Pages
ExpressVPN Fixes Windows App Bug Affecting RDP Traffic Routing

TechNadu keeps you informed with the latest in cybersecurity, VPNs, and technology. From expert guides to in-depth reviews, we provide the knowledge you need to stay secure and connected in the digital world.

© 2025 TechNadu. All Rights Reserved. TechNadu is a part of Leaprove Media LLP.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: