US seizes hundreds of FIFA World Cup illegal streaming domains
Home<br>News<br>Security<br>US seizes hundreds of FIFA World Cup illegal streaming domains
US seizes hundreds of FIFA World Cup illegal streaming domains
By Sergiu Gatlan
June 29, 2026
07:21 AM
The U.S. Justice Department's Criminal Division has seized nearly 400 web domains used for illegally streaming matches at the FIFA World Cup.
These websites provided visitors with unauthorized real-time streams of 2026 World Cup matches, in violation of U.S. copyright law.
The action was coordinated with international partners through the International Computer Hacking and Intellectual Property (ICHIP) Network of U.S. prosecutors, with authorities targeting servers and domains in Peru and Bulgaria, as well as in Croatia, Romania, Poland, and Colombia.
"This website has been seized by law enforcement authorities as part of Operation Offsides, a coordinated global effort led by the National Intellectual Property Rights Coordination Center with international law enforcement and private sector partners," a banner displayed on the seized domains reads.
"This action was taken to protect consumers and enforce intellectual property rights worldwide."
Banner displayed on seized sites (U.S. Justice Department)
Law enforcement agents identified the seized domains using leads provided by U.S. authorities, with assistance from FIFA (Fédération Internationale de Football Association), beIN Media Group, NBCUniversal, the Motion Picture Association's Alliance for Creativity and Entertainment (ACE), Ultimate Fighting Championship (UFC), and Warner Bros.
"These streamers not only violate copyright laws but also expose viewers to potential threats — including malware attacks and unsecure connections that can compromise personal and financial data," said Special Agent in Charge Eric Weindorf of ICE Homeland Security Investigations (HSI) Washington Field Office on Friday.
The Friday announcement comes after the FBI warned in May of fake websites impersonating FIFA ahead of the 2026 World Cup, to sell fake tickets and hospitality packages, steal personal and financial information, and push other scams and fraud attempts related to the event.
Last week, ACE, UEFA, UC3, and Mexican authorities shut down 44 domains part of a major sports piracy ring linked to the illegal PirloTV streaming platform. Collectively, these domains generated more than 950 million visits every year, including around 230 million visits from Mexico alone.
PirloTV aggregates and embeds links to unauthorized live sports streams, primarily soccer, and is notorious for aggressively migrating to new domains following takedown actions by authorities.
"The service primarily targeted viewers throughout Latin America, with particularly strong audiences in Mexico and Colombia, while also attracting significant traffic from markets such as Spain and the United States," ACE said at the time.
PirloTV is reportedly used to watch World Cup 2026 matches on mobile devices, as platform-specific access restrictions and broadcasting rights fragmentation complicate legal access to the content.
Test every layer before attackers do
Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.<br>The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.
Get the whitepaper
Related Articles:
PirloTV sports piracy network disrupted as 44 domains seized<br>FBI warns of fake FIFA websites running World Cup fraud schemes<br>Dutch police arrests suspect linked to Ajax football club hack<br>NY man charged after harassing college student with AI-generated nudes<br>FTC warns of record $3.5 billion losses to imposter scams in 2025
FIFA
Football
Piracy
Seizure
Soccer
Sports
Streaming
USA
World Cup
Sergiu Gatlan
Sergiu is a news reporter who has covered the latest cybersecurity and technology developments for over a decade. Email or Twitter DMs for tips.
Previous Article
Post a Comment Community Rules
You need to login in order to post a comment
Not a member yet? Register Now
You may also like:
Upcoming Webinar
Popular Stories
FBI: Russian hackers now target Signal backup recovery keys
CISA sets urgent deadline to fix Cisco flaw exploited in attacks
Polymarket customers lose $3 million in supply-chain attack
Sponsor Posts
Prove any CVE is exploitable without firing an exploit. Read the TTP-chaining guide.
CTI Starter Kit + 2026 SANS CTI Survey
Overdue a password health-check? Audit your Active Directory for free
Build a GRC agent in minutes, no code. Get early access to Agent Studio.
VOIP Detection with Phone.com and IPQS
Upcoming Webinar
Login
Username
Password
Remember Me
Sign in anonymously
Sign in with Twitter
Not a member yet? Register Now
Reporter
Help us understand the problem. What is going on with this comment?
Spam
Abusive or Harmful
Inappropriate...