- US DOJ seizes nearly 400 domains
- The sites were used to illegally broadcast World Cup matches
- Users of the sites were exposed to malware, data theft and other threats
Nearly 400 domains have been seized as part of Operation Offsides, a coordinated global effort to take down sites illegally streaming the 2026 FIFA World Cup.
The sites were seized by the Criminal Division of the U.S. Department of Justice for violating copyright and intellectual property laws.
The takedowns were coordinated by members of the International Computer Hacking and Intellectual Property (ICHIP) network.
The United States and its friends apply the offside rule
Many seized domains now display a banner explaining that the website was seized as part of Operation Offsides. “This measure was taken to protect consumers and enforce intellectual property rights around the world,” the banner said.
In May 2026, the FBI warned that thousands of domains were being registered ahead of the World Cup, with most created in an effort to scam fans looking for cheap tickets, access to streaming services and those looking for discounted merchandise. It appears that Operation Offside was aimed at disrupting streaming sites in particular, rather than taking down the broader fraudulent networks associated with these domains.
“We have seized hundreds of domains, used to illegally broadcast World Cup matches for profit, in order to disrupt international networks that profit from the global popularity of the World Cup,” said Assistant Attorney General A. Tysen Duva of the Justice Department’s Criminal Division.
“This operation illustrates the Department’s respect for intellectual property rights and the responsibility of the United States as host country to protect the FIFA World Cup from criminals. The Criminal Division will continue to disrupt and, where appropriate, seek to prosecute these sites and subjects responsible for this criminal activity.”
In many cases, networks of fake domains offering free or cheap access to streaming services are run by cybercriminals who deliberately operate at a loss in order to lure users to their services. In exchange for access to the streaming site, the domain will use the user’s local network as an exit node for the cybercriminal network, thereby hiding their traffic and making it appear legitimate.
Unfortunately for the user, who may think they have just found free access to all World Cup matches, their network and IP address could be used to distribute malware, cybercriminal communications and illegal content such as stolen data and exploitative material – including child pornography.
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds.
