The U.S. Departments of Justice and Homeland Security seized CFAKE.com and SOCFAKE.com this week, ending a pipeline that served 4 million monthly views of nonconsensual AI-generated sexual imagery of real people.
The French investigation tells you the scale: 300,000 images, 7,000 videos, and 14,000 identifiable individuals, including politicians, first ladies of multiple countries, royalty, journalists, television presenters, athletes, and entertainers. The site organized content under browseable categories including “rape,” “forced,” and “degradation,” and pushed 50 new pieces of content every day to 200,000 registered users.
Italy’s Polizia di Stato flagged the sites to U.S. authorities. A parallel probe by Paris prosecutors led to the arrest of Cyrille B., 47, at his home in Nice. Authorities also seized computer equipment and a little more than $48,000 in Ethereum, which French investigators say came from the site’s advertising revenue. He’s facing up to seven years in prison and a €500,000 fine, with no prior criminal record. Trial is set for July 7.
The seizures rank among the largest under the TAKE IT DOWN Act. Signed by Trump in May 2025, the law makes publishing nonconsensual deepfake imagery a federal crime.
For operators hosting user-generated visual content, this case sharpens what “compliance” actually means. The Act’s notice-and-removal requirements for covered platforms were due May 19, 2026 — that deadline has already passed. HSI went international on one of its first major domain seizures under the law. Running through offshore infrastructure doesn’t delay enforcement. What changes Monday: your takedown workflow isn’t a product roadmap item. It’s a federal requirement.
Nathan Zakhary