This seems to be confirmed by the fact that most torrent sites have 4K copies of brand new streaming only content while no publicly known exploits exist.
Since you are running the exploit locally without affecting other peoples machines, I imagine it would be close to impossible to work out what exploit they are using.
Are those actual decrypted copies of the original stream, though? Or did they just re-record the output? For the latter you'd only need to break HDCP, right?
Well but there's likely to be at least a small quality difference, and a considerable a quality per file size difference, because the video would need to be re-encoded.
That's the beauty of the asymmetry against DRM, only a single decoded file (which will always happen) is enough for seeding to everybody.