- The US DOJ has seized nearly 400 domains
- The sites were used to illegally stream World Cup games
- Users of the sites were exposed to malware, data theft and other threats
Almost 400 domains have been seized as part of Operation Offsides – a coordinated global effort to take down websites illegally streaming the 2026 FIFA World Cup.
The sites were seized by the US Department of Justice’s Criminal Division for copyright and intellectual property violations.
The takedowns were coordinated by members of the International Computer Hacking and Intellectual Property (ICHIP) network.
USA and friends enforce the offside rule
Many of the seized domains now display a banner explaining that the website was seized as part of Operation Offsides. “This action was taken to protect consumers and enforce intellectual property rights worldwide,” the banner reads.
Back in May 2026, the FBI warned that thousands of domains were being registered ahead of the World Cup, with most set up to defraud fans looking for cheap tickets, access to streaming services and those looking for discounted merchandise. It appears that Operation Offside was focused on disrupting streaming sites in particular, rather than rooting out the broader fraud networks associated with those domains.
“We have seized hundreds of domains used to illegally stream World Cup matches for profit in order to disrupt the international networks that benefit from the World Cup’s global popularity,” said Assistant Attorney General A. Tysen Duva of the Justice Department’s Criminal Division.
“This operation illustrates the Department’s respect for intellectual property rights and the United States’ responsibility as host nation to protect the FIFA World Cup from criminals. The Criminal Division will continue to disrupt and, where appropriate, seek to prosecute these websites and the individuals responsible for this criminal activity.”
In many cases, the networks of fake domains that offer cheap or free access to streaming services are operated by cybercriminals who deliberately operate at a loss to attract users to their services. In exchange for accessing the streaming site, the domain will use the user’s local network as an exit node for the cybercriminal network, obfuscating their traffic and making it appear legitimate.
Unfortunately for the user, who may think they’ve just found free access to every World Cup game, their network and IP address can be used to distribute malware, cybercriminal communications and illegal content such as stolen data and exploitative material – including child sexual abuse material.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.
