Computer Crime & Intellectual Property Section, U.S. Department of Justice
United States Attorney, Eastern District of Virginia
United States Customs Service
United States Customs CyberSmuggling Center - C3
Illegal “warez” organizations and Internet piracy
In the early 1990's, groups of individuals working in underground networks
organized themselves into competitive gangs that obtained software, "cracked,"
or "ripped" it (i.e. removed various forms of copy protections) and posted
it on the Internet for other members of the group. This network of individuals
and groups, numbering in the thousands, evolved into what is today loosely
called the "warez scene" or community.
At the top of the warez scene are a handful of "release" groups
that specialize in being the first to obtain, crack (i.e., remove or circumvent
copyright protections), and distribute or release the latest software, games,
movies, or music to the warez scene. Frequently, these new "releases"
reach the Internet days or weeks before the product is commercially available.
Release groups compete against each other to attain a reputation as the fastest
providers of the highest quality, free pirated software, including utility
and application software, computer and console games, and movies.
As technology has advanced, the top warez groups have become more technologically
sophisticated and security conscious to avoid detection by law enforcement.
Many of the elite groups communicate about warez business only through private
e-mail servers, sometimes using encryption, and in closed, invitation-only
IRC channels. Additionally, most members disguise their true IP addresses
(and thus their true locations) when communicating in IRC by routing their
communications through "virtual hosts" or bounce boxes. Finally,
many warez groups protect their large FTP archive sites — which can contain
tens of thousands of copies of software, games, music, and music for free
downloading — through a combination of security measures that include
bounce sites, automated programs for IP address and user password verification,
and the use of non- standard ports for FTP traffic.
The specific reasons that an individual becomes and remains involved in
the top warez "release" or "courier"
organizations may vary. However, it is almost always the case that a primary
motivator is the desire to gain access to a virtually unlimited amount of
free software, game, movie, and/or music titles available on the huge file
storage and transfer sites (FTP sites) maintained by, or offering user privileges
to, these elite warez groups. These computer sites not only offer a tremendous
variety of quality copyrighted works, but they also generally have extremely
fast Internet connections for rapid, efficient downloading and uploading.
Other possible motivators or enticements for warez group members may include:
(1) the thrill and social comraderie they obtain through clandestine participation
in illegal activity; (2) the improved personal reputation or fame in the warez
scene that comes with membership in the "top" groups, and in helping
to keep those groups on top; and (3) financial profit, as some involved in
the larger warez organizations take the pirated products and sell them for
commercial gain.
Today it is estimated that approximately 8-10 of the largest warez "release"
groups in the world are responsible for the majority of the pirated software,
games, and mvies available on the Internet. These highly organized "release"groups
specialize in being the first to release new pirated software, games, and
movies to the warez community for unauthorized reproduction and further distribution
worldwide. Individual groups generally specialize in "releasing"
only certain types of copyrighted works; for instance, two of the oldest groups,
DrinkOrDie and Razor1911, specialize in releasing application software and
PC or console games, respectively. In addition to their release work, these
warez groups also maintain large FTP archive (or "leech") sites
for the benefit of their members and others engaged in Internet software piracy.
An average FTP archive site may contain between 10,000 to 25,000 individual
titles of software, games, movies, and music, all of which is made available
for free downloading ("leeching") by group members and valued warez
associates or contributors to the site.
The top-level release groups are highly structured organizations with defined
roles and leadership heirarchy. These organizations generally have a Leader,
who oversees and directs all aspects of the group; three Council members or
Senior Staff, who direct and manage the day-to-day operations of the group;
10 to 15 Staff, who frequently are the most active and skilled contributors
to the group’s day to day "release" work; and finally, the
general membership, whose functions and involvement in the group vary. Members
generally only interact via the Internet and know each other only by their
screen nicknames, such as "bandido," "hackrat," "erupt,"
or "doodad."
A pirated version of a software application, game, or movie is frequently
available worldwide even before it is made commercially available to the public.
In many instances, warez groups illegally obtain advanced copies of copyrighted
products from company or industry insiders, then crack the copyright protections
before distributing the pirated versions on the Internet to an ever-expanding
web of FTP sites worldwide. Within hours of first being posted on the Internet,
a pirated version of a copyrighted product can be found on thousands of Internet
sites worldwide. Eventually, these pirated versions find their way onto pay-for-access
websites from China to the U.S., where users are charged monthly or per-purchase
fees for downloading the unauthorized copies.
Additionally, these warez "releases" provide an unending supply
of new product to counterfeit hard goods criminal organizations. For instance,
almost every new PC and console game is "cracked" and available
on warez sites either before or within 24 hours of their commercial release
("0-Day" releases). Hard good pirate syndicates in Asia and Russia
(for example) will download a "warez" 0-Day game release and mass
produce it at optical disc manufacturing facilities. These counterfeit hard
goods are then illegally sold in foreign markets often weeks before the manufacturer
ships the authentic goods for the official release date in those particular
markets. This can cripple the market for the legitimate products.
The “Release” Process:
Speed and efficiency are essential to the process for preparing and packaging
new pirated software for release and distribution to the warez community.
The process generally has four stages and can occur within a matter of hours:
SUPPLY: First, a group member known as a supplier
will post an original digital copy of new computer software to the group's
Internet drop site, which is a computer where software is posted
for retrieval by members of the group. Frequently, warez suppliers
are company insiders who have access to final versions of the company's
new software products before their public release date.
CRACK: Once the new supply is posted to the drop site,
another group member, known as a cracker, retrieves the software
and removes or circumvents all embedded copyright protection controls (e.g.,
serial numbers, tags, duplication controls, dongle protections, security
locks).
TESTING and PACKING: Following a successful crack,
the software must be tested to ensure that it is still fully operational.
Following testing, the software is then "packed," or broken into
file packets that are more easily distributed by other group members.
PRE[-Release] / Courier): After the software has been cracked,
tested and packed, it is returned to the drop site, where individuals who
will transfer or distribute the pirated copy across the Internet are waiting
for new arrivals. Once picked up by the "preers," the illegal
product is distributed to warez locations around the world in a matter of
minutes. In each instance, the new "release" will include an information
file (aka ".nfo file") which, among other things, proclaims and
attributes credit for the release to the originating warez group. These
messages allow groups and their members to get the credit they crave and
develop not only their own reputations within the scene, but also that of
the group.
