US, France, and Italy Seize Deepfake Porn Sites CFAKE and SOCFAKE
U.S. authorities seized the domains CFAKE.com and SOCFAKE.com, alleging the sites published thousands of non-consensual sexually explicit deepfake images and videos of women, including celebrities, politicians, journalists, athletes, and royalty. The action was carried out by the Departments of Justice and Homeland Security under the TAKE IT DOWN Act, a 2025 law that criminalizes unauthorized publication of sexually explicit digital forgeries. Officials said the platforms hosted abusive content categories such as “rape,” “forced,” and “degradation,” and described the operation as a major effort to stop psychologically harmful exploitation of victims.
The takedown followed a multinational investigation that began after Italy’s Polizia di Stato alerted U.S. authorities and expanded through evidence sharing with France under the Budapest Convention on Cybercrime. In a parallel French case, police in Nice arrested a 47-year-old French national accused of serving as a CFAKE administrator and seized site-related computer equipment along with more than $48,000 in Ethereum. French investigators linked the platform to roughly 300,000 images, 7,000 videos, 14,000 depicted individuals, about 200,000 user accounts, and nearly 4 million monthly views, underscoring the scale of the alleged abuse network.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
4 events from the most recent confirmed update back to the earliest known activity.
U.S. authorities seize CFAKE.com and SOCFAKE.com
U.S. federal authorities, including the Departments of Justice and Homeland Security, seized the domains CFAKE.com and SOCFAKE.com for allegedly publishing thousands of non-consensual sexually explicit deepfake images and videos. Officials described the action as a major enforcement step under the TAKE IT DOWN Act, carried out with support from French and Italian authorities.
Italian police alert U.S. authorities about CFAKE and SOCFAKE
Italy’s Polizia di Stato first notified U.S. authorities about the deepfake pornography websites, initiating the international investigation that later involved France and the United States.
TAKE IT DOWN Act enacted in the United States
The TAKE IT DOWN Act was enacted in May 2025, criminalizing the unauthorized publication of sexually explicit digital forgeries and expanding federal authority over nonconsensual deepfake pornography cases.
French police arrest suspected CFAKE administrator in Nice
On 2026-06-10, French police arrested a 47-year-old French national in Nice as part of a parallel investigation into CFAKE. Authorities said they seized site-related computer equipment and more than $48,000 in Ethereum.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
6 references tracked. Mallory keeps watching after this page renders.
Feds Seize CFAKE and SOCFAKE Over Explicit Deepfakes of Famous Women
hackread.com
Open sourceDOJ seizes CFAKE, SOCFAKE deepfake nude sites under TAKE IT DOWN Act
bleepingcomputer.com
Open sourceU.S. seizes domains used to publish nonconsensual AI-generated nude images | brief | SC Media
scworld.com
Open sourceUS, France, and Italian authorities shut down massive deepfake porn site | CyberScoop
cyberscoop.com
Open sourceSeizing Deepfake Porn Websites Under TAKE IT DOWN Act
securityonline.info
Open sourceOffice of Public Affairs | United States Seizes Domain Names Publishing Nude Digital Forgeries of Famous Women | United States Department of Justice
justice.gov
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
FTC Enforces 48-Hour Takedown Rule for Nonconsensual Deepfakes
The Federal Trade Commission said it will begin enforcing a key provision of the Take It Down Act on May 19, requiring covered websites and online services to remove reported nonconsensual intimate imagery and AI-generated deepfake content within 48 hours. FTC Chair Andrew Ferguson notified major platforms including Meta, Google, and X that failures to comply can trigger investigations and civil penalties of up to **$53,088 per violation**, and said companies must publish clear removal policies and provide accessible reporting channels, including for people who do not have accounts. The requirement applies broadly across websites, apps, social media, image and video sharing services, and gaming platforms. The FTC also urged companies to use hashing technologies and coordinate with groups such as the **National Center for Missing and Exploited Children** and **StopNCII.org** to prevent removed material from being reuploaded. Supporters said the enforcement regime gives the law real consequences for noncompliance, while civil liberties and policy experts warned the short deadline and steep fines could lead platforms to over-remove legitimate content or create openings for bad-faith complaints.
May 27, 2026
Deepfake Impersonation and Legislative Response in the United States
The FBI has reported ongoing campaigns in which unknown actors use AI-powered voice cloning and deepfake technologies to impersonate senior U.S. government officials, including members of Congress and Cabinet-level leaders. These impersonators initiate contact via SMS and then move conversations to encrypted messaging apps such as Signal, WhatsApp, and Telegram, leveraging AI voice cloning to convincingly pose as high-level officials. The FBI's updated assessment reveals that these activities have been occurring since at least 2023, targeting not only officials but also their family members and acquaintances, with the intent to extract sensitive information or perpetrate scams. In response to the growing threat of malicious deepfakes, the U.S. government has enacted the Take It Down Act, one of the first major federal laws specifically targeting the spread of nonconsensual AI-generated deepfake pornography. The law criminalizes the publication of such content, mandates its removal within 48 hours upon notification, and empowers the Federal Trade Commission to enforce compliance. The U.S. Sentencing Commission is now seeking public input on sentencing guidelines, proposing penalties of up to two years' imprisonment for adults and three years for minors, reflecting the seriousness with which lawmakers are treating the misuse of deepfake technology for harassment and abuse.
Mar 21, 2026
Operation Alice dismantles 373,000 fraudulent dark web sites
German authorities, backed by Europol and law enforcement partners in 23 countries, launched **Operation Alice** against a major dark web fraud network built around the platform **"Alice with Violence CP"**. Investigators said a 35-year-old man in the People’s Republic of China operated more than **373,000** onion domains that falsely advertised child sexual abuse material and **cybercrime-as-a-service**, took payment in **Bitcoin**, and failed to deliver the promised content. The investigation began in mid-2021 and examined activity spanning November 2019 through July 2025. Between 9 and 19 March 2026, authorities shut down more than **373,000** dark web sites, seized **105 servers** and multiple electronic devices, and identified the alleged operator along with **440 customers** worldwide. Officials estimate the scheme generated more than **EUR 345,000** from roughly **10,000 customers**, while German authorities issued an international arrest warrant and said investigations continue against more than **100 individuals**. Europol added that the operation also supported child protection efforts, including immediate interventions where children were found to be at risk and intelligence development on suspects seeking severe CSAM.
Apr 14, 2026