The Unintended Consequence of Copyright Enforcement
Adult content creators on platforms like OnlyFans are fighting an endless battle against piracy. Their stolen images and videos are traded across shady online forums, often appearing in Google search results. To combat this, creators and their representatives file millions of Digital Millennium Copyright Act (DMCA) takedown requests, forcing search engines to remove infringing pages. However, a new analysis from cybersecurity firm UpGuard reveals an unexpected side effect: these takedowns are also removing hacked government and university websites that scammers have repurposed to host malicious links disguised as 'leaked' OnlyFans content.
According to UpGuard's research, shared exclusively with WIRED, more than 2,000 domains belonging to governments and educational institutions across 80 countries have received DMCA takedown requests linked to adult content over the past 15 years. The number of such incidents has risen dramatically since 2020, coinciding with the boom in the creator economy and the proliferation of OnlyFans. The scammers exploit the high authority of .gov and .edu domains, which rank well in search engines, to host pages promising free access to premium adult material. These pages often lead to malware, phishing schemes, or other scams.
How Scammers Hijack Official Websites
For years, cybercriminals have compromised insecure government and university websites to upload malicious content. They create pages or PDFs that claim to offer free movie downloads, iPhones, pornography, or Fortnite skins. By using the names of popular OnlyFans creators, they lure users searching for leaked content. The hacked pages appear legitimate due to the trusted domain, increasing the likelihood that users will click through and fall victim to scams.
UpGuard's analysis identified thousands of such compromised domains. The researchers found that many of these sites had been repeatedly hijacked, with scammers reusing the same vulnerabilities to upload new malicious pages after previous ones were taken down. The DMCA takedown requests, filed by companies representing adult creators, target these pages for copyright infringement. When successful, the pages are removed from search results, effectively neutralizing the scam.
The Creator's Perspective
Adult content creator Laura Lux, who has been publishing online for nearly two decades, describes the fight against piracy as an 'endless battle.' She notes that stolen content costs creators significant income, as it becomes freely available through a simple Google search. Lux emphasizes the importance of DMCA services, stating that without them, creators would be unable to protect their work. However, she was unaware that her takedown requests might also be cleaning up hacked government sites.
Lux primarily posts on OnlyFans but has used Patreon and her own subscription site in the past. She explains that the piracy ecosystem is largely driven by men who trade stolen adult content in private forums. The scale of the problem is immense, with millions of DMCA requests filed each year. While the primary goal is to protect creators' livelihoods, the collateral benefit of removing scam pages is a welcome side effect.
The Scale of the Problem
UpGuard's research highlights the widespread nature of this issue. The 2,000+ affected domains span 80 countries, indicating a global problem. Many of these websites belong to local governments, school districts, and universities that lack robust cybersecurity measures. The compromised pages often remain online for extended periods, as website administrators may not be aware of the hijacking. The DMCA takedown process, while designed for copyright enforcement, inadvertently serves as a cleanup mechanism for these malicious pages.
The increase in hijackings since 2020 correlates with the rise of OnlyFans and the broader adult creator economy. As more creators join platforms like OnlyFans, the demand for leaked content grows, providing a lucrative incentive for scammers. The use of .gov and .edu domains adds a layer of credibility that makes the scams more effective.
Implications for Cybersecurity
The intersection of copyright enforcement and cybersecurity raises important questions. While DMCA takedowns are not a substitute for proper website security, they offer a temporary fix for compromised sites. However, the underlying vulnerabilities remain, allowing scammers to re-hijack the same domains. UpGuard recommends that government and educational institutions prioritize patching security holes and monitoring their websites for unauthorized changes.
For adult creators, the situation underscores the importance of proactive copyright protection. Many creators now employ DMCA takedown services that automatically scan for stolen content and file complaints. These services have become essential tools in the creator economy, but they also contribute to the unintended cleanup of the web.
Conclusion
The accidental removal of hacked government websites by OnlyFans creators' DMCA takedowns is a fascinating example of unintended consequences. It highlights the complex interplay between copyright law, cybersecurity, and the creator economy. While the primary motivation is protecting intellectual property, the broader impact includes making the internet safer for all users. As the creator economy continues to grow, the role of DMCA takedowns in combating both piracy and cyber scams will likely become even more significant.
This article is based on reporting by Wired. Read the original article.
Originally published on wired.com








