Filter blogs by:

CDN Leeching in detail: What it is and what you can do about it

CDN Leeching: Understanding the Evolving Face of Piracy is a new white paper from VO that looks in detail at the threat of CDN Leeching and how media organizations can combat the latest form of piracy.

cdn leeching-1

Most people in the industry have heard of CDN Leeching by now. But not everybody understands exactly what it is yet, nor why it is so dangerous and such a threat to broadcast and operator incomes.

We were one of, if not the first, company to write about CDN Leeching back in November 2022, and have been closely monitoring the way it has spread and the increasing impact it has had ever since. As our knowledge of it is deepening all the time, we’ve collaborated with our leading researchers to channel our unique expertise and thought leadership into a comprehensive white paper that examines CDN Leeching from all aspects.

With a growing amount of misinformation around the topic, our white paper explores precisely what CDN Leeching is. It describes it in detail; examines its impact at many points in the chain, from distributors to consumers; looks at how it is detected; and provides a linked set of recommendations, solutions, and best practices to help neutralize the threat.

Download it now and start understanding and fighting against the triple threat of CDN Leeching — subscription loss, increased expense, and service impacts — today.

CDN Leeching popup 560x294

CDN Leeching: how it started

Towards the end of 2020, our anti-piracy experts started noticing unusual behavior in the content delivery networks of several of our clients. Closer investigation revealed what some operators at the time referred to as ‘vampire services’; servers run by pirates that had wormed their way into the legitimate distributed network and were redirecting the content stream to their own services. 

This was an area of immediate concern as this new technique of hijacking the video stream in transit across the internet opened up a whole new front in the continuing battle against video piracy.

This in a nutshell is what CDN Leeching is; a pirate uses a variety of different attacks to allow an unauthenticated user to get content directly from a CDN. They can then pipe that content directly into their own illegal live streaming services, redistributing the stolen feed to their own customers. What makes it even more frustrating for the legitimate operators is that this extra free traffic at their expense not only overloads their bandwidth and potentially damages the QoS for their legitimate customers, but it actually increases their overall costs. Essentially, they end up funding the pirate operation’s distribution themselves.

These pirate services in turn are becoming increasingly sophisticated and, with advanced front-end operations, can often appear legitimate to the casual user, with subscriber offers, discounts, advertising, and more.

One ‘leech’ can feed an entire illegal service, with some of the largest operations having built up tens of thousands of customers of pirated content.

How to fight against CDN Leeching

Pirates use a variety of different ways to hack their way into a CDN, including protocol reverse-engineering and misconfiguration abuse. Fraudulent DNS and initial access broker attacks can also open up access to a CDN, allowing not only the theft of delivery resources but also facilitating access to servers and content repositories.

CDN Leeching: Understanding the Evolving Face of Piracy examines this part of the problem, provides an explanation of how it can be detected, and looks in detail the way it can be combated.

Here is an excerpt:

“It is tempting to say that technology will solve any problem, but with piracy,
it takes an ecosystem composed of technologies and formal guidelines. This is especially the case with CDN Leeching, where the initial attack may come through any point.

“Technical solutions must be complemented by best practices that include processes for identification, verification, escalation, and resolution, along with the assignment of responsibilities. These practices improve with experience. To make it all work, excellent organizational communication is crucial, often involving international collaboration, and specific Anti-Piracy responsibility must be assigned, including for the management of CDN Leeching.”

The best practices described in the document include ensuring that access tokens and keys are set to expire so they cant be re-used thus limiting their exposure in case of illegal access gained, as well as various other identification and resolution techniques and processes that should be put in place. To discover the full list of recommendations and get the full picture about the threat, download your copy of the free white paper now.

Of course, CDN Leeching is only a part of the wider piracy landscape. As always with video piracy, video providers should take a holistic approach that combines analytics with content protection through digital rights management, content identification via watermarking and monitoring, and end user authentication.

At VO we constantly track and monitor all the illegal activity in the field, and our holistic approach to anti-piracy is designed to not only counteract any pain point, type or source of video piracy, but also to keep evolving and adapt to the continuously changing threats it presents.  


Mélanie Langlois

Mélanie Langlois is VO's Product Manager, Anti-Piracy Services. Based in France, she joined VO in 2023 after working for seven years as a Senior Information Technology Project Manager at Orange Business Services. Prior to that she worked worldwide for a variety of high-profile companies, including TradingScreen, Credit Agricole, and ActiveViam. She has a Masters in Computer Sciences and Biotechnologies from Université de Poitiers.