How an AI-driven phishing report briefly took itch.io offline

Itch.io says its domain was briefly disabled after an AI-driven phishing report tied to Funko and BrandShield. The platform says the disputed user page had already been removed, but its registrar still disabled the domain for a few hours Monday morning.

WTF Index TERMINATOR
◄ Terminator 2 Idiocracy 1 ►

An AI-powered brand protection system allegedly generated a bogus phishing report that escalated into a temporary domain takedown, showing mild automated-control risk.

How an AI-driven phishing report briefly took itch.io offline

Itch.io, the popular indie game platform, briefly lost its domain for a few hours Monday morning after what it described as an AI-driven phishing report connected to Funko and BrandShield. The site returned by 7 am Eastern, but the incident showed how a complaint aimed at one page can escalate into a broader outage when registrars and automated systems are involved.

What happened to itch.io

According to itch.io management, the takedown began with a report sent to its registrar, iwantmyname. The platform said the report came from BrandShield, a brand protection company used by Funko of Funko Pop.

In a social media post, itch.io complained that Funko used an “AI Powered” brand protection system from BrandShield, which it said created a bogus phishing report. Itch.io said iwantmyname ignored its response and disabled the domain.

The effect was temporary but visible. The itch.io domain was unavailable for a few hours Monday morning, even though users could still reach the site by typing the itch.io IP address directly into a browser. That distinction matters: the service itself was not described as fully gone, but its domain access was disrupted.

The page behind the complaint

Itch.io founder Leaf “Leafo” Cohran later explained in a Hacker News comment that the complaint appeared to trace back to one user-created page. That user had “made a fan page for an existing Funko Pop video game (Funko Fusion), with links to the official site and screenshots of the game.”

That page triggered independent reports to itch.io’s host and registrar alleging “fraud and phishing” a few days before the outage. Cohran said the page was taken down immediately after the complaints arrived.

The key dispute is what happened after that removal. Cohran said he suspected the original complaint caused the registrar’s automated system to disable the domain because no one read itch.io’s confirmation that the content had been removed.

That sequence left itch.io in a difficult position. From the platform’s account, the specific page had already been addressed, yet the domain-level consequence still followed.

BrandShield’s explanation

BrandShield presented the incident differently in its own social media posts. The company said its “AI-driven platform” identified “an abuse of Funko… from an itch.io subdomain.”

BrandShield also said its takedown request targeted that subdomain, not all of itch.io. In its framing, the broader outage was not the action it requested.

“The temporary takedown of the website was a decision made by the service providers, not BrandShield or Funko.”

BrandShield’s website describes the company as a service that “detects and hunts online trademark infringement, counterfeit sales, and brand abuse across multiple platforms.” It also says the company has multiple Fortune 500 and FTSE100 companies on its client list.

Those details place the incident in a broader category of automated brand protection. Such systems are built to flag suspected abuse across the web, but this case shows the stakes when a report moves from a specific subdomain or page into the infrastructure that controls access to a whole platform.

Why the outage matters

The itch.io incident was brief, but it exposed a fragile part of the web. Domain registrars and DNS servers remain essential control points for online businesses. If the domain stops resolving correctly, many users experience that as the site being down, even when the underlying service can still be reached another way.

The source article connects this event to wider concerns about DNS reliability. Back in May, the desyncing of a single DNS root server could cause problems across the entire Internet. In 2012, Anonymous highlighted the potential for a coordinated attack to take down the entire DNS system.

The common thread is dependency. A web platform can operate normally in one layer while access fails in another. In this case, the practical problem was not only the original complaint, but the chain that followed: a brand protection report, a registrar process, a removed page, and a domain that still went offline.

For itch.io, the outage ended quickly. For other web-based businesses, the lesson is larger. Automated enforcement reports may be aimed at narrow targets, but when they interact with registrar systems, the consequences can become much broader than the disputed page itself.