For Telugu cinema, 2025 was the year of the split screen, where on one hand there were spectacular box office successes, and on the other there was the shady underworld of leaks, hacks and digital piracy. While some films took off and some sank, the real plot twist unfolded far away from the theater hall.
Behind the scenes, a coordinated, sustained effort by the Telangana Police, the Indian Cyber Crime Coordination Center (I4C) and the Anti Video Piracy Cell (AVPC) of the Telugu Film Chamber of Commerce quietly caught the industry’s most elusive pirates.
By the time the net tightened up, several major operators had been tracked down and cornered, including Cyril Raja Amalados, who sent new releases to several syndicates, and then a More infamous names in trend: Ravi Imandi of Ibomma.
On October 17, after tracking his movements for several months, the Telangana Police finally stopped Ravi when he visited Hyderabad. According to the police, he led a piracy network built around IBomma, Bappam TV and over 65 mirror websites that hosted newly released Telugu movies in crisp high definition (HD) print. The scale was staggering: hard drives containing 21,000 films in different languages were seized, and police estimated that Ravi made around ₹20 crore from the operation, with the money allegedly invested in flats and plots. His bank accounts containing ₹3.5 crore have now been frozen.
But the theft itself was only the preparatory act. As police dug deeper, they found a deeper layer: users streaming pirated movies on iBomma and its mirror pages were quietly being led to betting platforms, a pipeline that enabled identity theft, data mining, and financial fraud.
Two of Ravi’s associates – web developers Dudela Shivaji and Susarla Prashant – were arrested in September. Ravi’s name is also included in four other FIRs related to piracy, online fraud and data theft.
His arrest added to the string of earlier successes. on September, The cyber crime wing had arrested five people: Bihar’s Ashwini Kumar, the kingpin who allegedly hacked servers of digital media companies to steal HD prints of new films; Tamil Nadu-based Cyril Infante Raj is believed to have managed piracy websites like 1TamilBlasters and uploaded over 500 movies through international servers since 2020, earning around ₹2 crore in cryptocurrency; Hyderabad’s Jan Kiran Kumar accused of recording over 100 movies inside theaters with secret mobile devices; Sudhakaran of Erode who confessed to recording 35 South Indian titles; and Arsalan Ahmed who allegedly uploaded films on the file-sharing platform and broadcast them through Telegram channels.
a sure step
The wave of arrests and a sustained crackdown on piracy comes after new triggers. AVPC had filed a complaint after Telugu films #alone And Hit: Third Case Appeared online on the same day of its release, followed by another similar leak soon after KuberEach incident placed renewed pressure on enforcement, indicating that pirates were becoming bolder and more sophisticated,
According to investigators, the syndicates thrived behind layers of digital camouflage: encrypted Telegram groups, foreign domain-hosting servers and cryptocurrency payment trails that blurred their footprints across jurisdictions.
Recent arrests have brought a ray of hope to the industry, but the fight is far from over. For every iBomma or 1TamilBlasters that is removed, there are many more Hydra-like networks at work, waiting to fill the void.
AVPC has estimated a revenue loss of Rs 3,700 crore to the industry in 2024 due to piracy. Losses for 2025 will be estimated by the end of the year, although chairperson Rajkumar Akela expects the numbers to be lower this time.
“Tackling piracy is a long, ongoing battle,” he says. “Many rogue websites like 1Tamilmv, Movierulz, Tamilrockers and CineVood are thriving. Recent arrests have shown that if all our efforts continue, there will be consequences.”
While pirated links of new releases are also included Andhra Raja Taluka And In your love, “There is a faint glimmer of hope that continues to emerge online,” says Rajkumar. Most of those prints are no longer very sharp HD versions. Earlier events in the films, such as hit 3, alone And Kuber, Uploading online on or before the release day had caused a stir in the industry, but now uploads are happening online about two days after the film hits theatres. “Still, it’s worrying,” he admits.
The noose seems to be tightening. Rajkumar says the Telangana police have been working in coordination with I4C, which has started to show measurable impact in the industry: “The police alerted us about some leak points and we upgraded the standard operating procedures for digital cinema suppliers to plug these loopholes. This has helped. Additionally, apart from an incident in Dharmavaram in Anantapur district, there have been incidents of people pirating new films with webcams inside cinemas in two Telugu states in the last two months. No case has come to light.”
But this path does not end within regional boundaries. New piracy links from webcam prints have been found in Gujarat, Tamil Nadu and other states, often in remote locations where security measures are lax.
Unlike the pre-digital era, when curbing piracy meant tracking down lone operators, recent arrests have helped expose the modus operandi of large-scale networks.
how it all started
The vast network of digital piracy first came into focus during the release of bahubali 2 In 2017. Rajkumar recalls how the case of Priyank Pardeshi, a San Francisco-based IT employee, highlighted the scale of a distributed, cross-border operation. Pardeshi allegedly worked with associates recording films on webcams in Kolkata, while another member of the network threatened Hindi film production houses, demanding huge payments to prevent their upcoming releases from being leaked.
“This was the time when we could track IP addresses, before pirates started hiding them,” says Rajkumar. “We took the route of Jabalpur and Pune. Even in 2017, transactions were being conducted using cryptocurrencies. This showed us the complexity of the issue. At that time, it became difficult to trace criminals across geographical locations due to jurisdictional challenges.”
He says the Home Ministry-backed I4C has helped bridge those gaps.
To put things in perspective, he points to the case of Aibomma Ravi, who was eventually arrested when he visited Hyderabad for a short period of time. “If he is living in France and outsourcing his work to the Caribbean islands, how can we catch him without the help of local authorities?”
The investigation revealed the vastness of Ravi’s operation: the iBomma and Bappam domains were controlled by employees in the Caribbean and the UK. According to the police, Ravi admitted to purchasing movies through the Telegram app to upload them on the domain. They also record movies from OTT platforms and convert them to HD quality through a multi-layered, auto-generated mirror transmission system. The servers supporting the network were operated from the Netherlands and Switzerland.
Investigators found that Ravi had initially registered the iBomma domain along with his e-mail ID, debit card and personal details through a company called Najalla. The site was later hosted on IPVolume, which provided the backend infrastructure. Its built-in script redirects users who click on movie links to online gaming and illegal betting platforms before providing access to the pirated movie.
international multiple crimes
Long dismissed as a “victimless crime”, piracy was rarely considered serious enough to warrant the involvement of law enforcement agencies across borders. But as Rajkumar describes it, piracy has now evolved into a “transnational multi-crime”, a widespread nexus linked with betting syndicates, identity theft and malware attacks, forcing global agencies to pay attention.
In July, the Digital Piracy Conference at the Indian School of Business, Hyderabad, attended by officials from the Central Bureau of Investigation and Interpol, focused on this growing nexus between piracy and cyber crime. The arrest of Aibomma Ravi, and the subsequent revelation of how the site exposed users’ financial and identity data to betting networks and fraud portals, is an example. A producer who works closely with AVPC says, “Anyone who argues that there is no harm in watching movies on piracy websites needs to understand that movie piracy is just one aspect; identity theft and malware affect every user.”
Producer Sureshbabu agrees. “It is good that the government is helping us deal with piracy. The bigger issue is to make people realize the seriousness of the issue. Apart from the loss to the manufacturers, their privacy has been compromised.”
These concerns were echoed internationally. At the Interpol Global Meeting on Digital Piracy held in Seoul, Korea on November 17 and 18, the need for global enforcement agencies to stay connected and exchange knowledge for actionable intelligence was a major theme, says Rajkumar. “If cinema is going global, then piracy is also going global.”
Piracy and Malware
In 2021, cryptomining malware was found embedded in pirated downloads Spider-Man: No Way HomeCompromising both individual devices and corporate networks.
Rajkumar reiterated, “If just one piracy syndicate (iBomma) was earning around Rs 25 lakh per month, it shows the magnitude of the problem. Betting apps linked to the network are benefiting from the traffic coming to piracy sites.”
On November 27, the Telugu film industry, with the help of the Telangana government, signed an MoU with Japanese film and anime organization CODA (Contents Overseas Distribution Association) to strengthen intellectual property protection and take countermeasures against online copyright violations. This MoU assumes significance in view of the increasing popularity of Japanese anime in India.
For Rajkumar, the bigger fight now is to hold middlemen like web-hosting companies accountable. “When piracy links are encountered, complaints are made with the hosting domain, and it takes 24 to 36 hours for the link to be removed. By then, the damage has been done as hundreds of mirror websites will already have those links. We are developing tools to escalate the issue in real-time to the hosting domain.”
