DRM-Free OnlyFans Downloads See Widevine Project Nuked From GitHub

Used by major video platforms including Netflix, Disney+, Amazon Prime Video, and Hulu to name just a few, Google content protection system Widevine can be found in leading browsers, games consoles, and most mobile devices. Circumvention has been ongoing for years, but after OnlyFans sent a complaint to GitHub, a Widevine decryption project has been ejected from GitHub.

 For streaming services such as Netflix, Digital Rights Management (DRM) systems provide a level of control over the company’s most valuable assets, including movies, TV shows, and other content for consumer consumption.

DRM not only restricts access to customers authorized to consume content, it can determine when and how it’s consumed too. When all goes to plan, DRM should also prevent end users from casually copying movies and TV shows, which should result in a positive contribution towards minimizing the spread of pirated content online; at least in theory.

Widevine Everywhere

Ultimately, whether users loathe it or just hate it, DRM exists in billions of web browsers and devices. One of the most widespread is Google’s Widevine and avoiding its footprint today is almost futile. It can be found in Chrome, Firefox and similar browsers, mobile platforms such as Android, videogame consoles, plus many set-top boxes and smart TVs. At least five billion of them, most probably more.

Unsurprisingly, Widevine has been exploited and reverse engineered over the years, as evidenced by the content it’s supposed to protect ending up on pirate sites, almost without exception. In 2020, Google took action against Chrome extension Widevine L3 Decryptor, which was capable of decrypting Widevine content keys by hijacking calls to the browser’s Encrypted Media Extensions (EME).

Problems persisted throughout 2021 and 2022 with Widevine Dump but the problems haven’t gone away. The same goes for individuals and groups committed to countering Widevine, although it’s still possible to attract negative attention.

OnlyFans Targets CDRM-Project

In a DMCA takedown notice dated April 22, 2025, OnlyFans owner Fenix International Limited informs GitHub that it had “recently become aware” of repos on the platform with code “specifically designed” to circumvent Fenix’s DRM, aka Widevine.

“The identified repositories contain step-by-step instructions which are specifically designed to circumvent the DRM protections in place on OnlyFans. The repositories contain links that are ‘hard-coded’ and specifically targeted at OnlyFans,” Fenix writes.

“The coding is designed to impersonate a video player in order to decrypt and play DRM protected files, obtaining the ‘secret’ token required to play the DRM protected content. The downloaded files are then converted into an MP4 format which has the DRM protection removed.”

CDRM-Project repo before suspension

In line with its pro-developer policy when processing DMCA takedown notices, GitHub contacted the operator of the main repo and the operators of six additional forks, with an opportunity to address the complaint and avoid suspension.

For reasons that aren’t revealed, GitHub’s outreach couldn’t prevent the suspension of the entire CDRM-Project repo and all reported forks.

CDRM-Project repo is no more

GitHub requested Fenix to identify “every specific file” in the repo that it considers infringing; Fenix responded with a statement that the “entire repository is infringing” and should be removed.

Anti-Circumvention Complaint

To GitHub’s credit, when rightsholders allege violations of the DMCA’s anti-circumvention provisions, GitHub conducts its own assessment. If there is no basis for a claim, GitHub sometimes finds other copyright-related grounds, but here there is no pushback. That’s usually a sign of a complaint that stands up under intense scrutiny.

Another unusual aspect to the complaint is the Fenix response to GitHub’s request to provide the alleged infringer’s contact details, if they’re in possession of them. In most cases rightsholders say they’re unaware of those details but here, Fenix provides the details of two sets of owners and two sets of contributors.

The project is now being made available via a repo on cdm-project.com but how long that’s likely to last is unclear.

When any DRM system unnecessarily restricts access to content by design or due to inherent limitations, those who suffer the most are legitimate customers. Most have no interest in piracy, were never part of the original problem, but are responsible for the bulk of the revenue. Once DRM starts to feel like DRM, that’s where the big problems start.

Source

Hope you enjoyed this news post.

Thank you for appreciating my time and effort posting news every day for many years.

News posts... 2023: 5,800+ | 2024: 5,700+ | 2025 (till end of March): 1,357

RIP Matrix | Farewell my friend