14 Year Old BitTorrent Hacker Threatens to Sue What.cd Users
Written by enigmax on November 12, 2007Users of OiNK-replacement What.cd, are receiving emails from what appears to be the RIAA. In it are threats that users must either stop their ‘criminal acts of piracy’ or have charges pressed against them. But is it the RIAA? Rival Waffles.fm? No, it’s a 14 yr old script kiddie out for revenge, says What.cd
Users of What.cd were in for more than a little shock today. Members of one of the OiNK replacement sites started receiving worrying emails from the music file-sharers arch nemesis - the mighty RIAA.
The email reads:
Date: 12 Nov 2007 11:35:46 +0100
Message-ID: <2007111XXXXXXX.XXXXX.qmail@bitient.org>
To: XXXXXXX
Subject: Music Piracy
From: piracy@riaa.org
Reply-To: piracy@riaa.org
X-Originating-IP: [76.74.24.143]
X-Originating-Email: [piracy@riaa.org]
X-Mailer: Internet Mail ServiceDear registered user of the site What.cd,
We have recently been investigating the activities of the users of the site http://www.what.cd/ and we have found that this site exists for the sole purpose of music piracy.
Pirating music is a criminal offence and we believe it should be obvious to you that the results outweigh the benefits - hard working artists won’t be rewarded for their work and will stop producing music, ultimately leading to a severely reduced selection of music both in the shops and for download.
The RIAA had hoped that the disabling by the police of the large illegal music site, Oink.cd, would stop a lot of people from engaging in piracy, as they don’t want to be seen as criminals. However, this appears to not be the case, as two large new sites have sprung up in its place.
This email is the final warning to all of you who were members of Oink.cd and are current members of What.cd. If we find you to be committing any more criminal acts of piracy then we will have to press charges against you, as representatives of the major record companies of
America.Yours Faithfully,
The RIAA
Worrying, especially as the IP address in the email seems to indicate it really is from the RIAA. Visitors to the What.cd site were then greeted with this message:
This week has been terrible. After we did two code audits and fixed our security issues, our wonderful attackers couldn’t get in (yay!), so they turned to brute force. After having been hit by several port scans and a rather fearsome DDoS attack (traffic reaching almost 80 megabits per second (note: that’s 10 megabytes per second)) our server pretty much went to hell. After an extended downtime (ending a couple hours ago) during which we tweaked firewall settings, etc., we decided that it was safe enough to bring the site back up.
Pretty much immediately after the site came back up we had someone trying to brute force our (well passworded) ssh accounts (they’ve now met the hot burny side of the firewall).
What have we learned from all this? That there is a person or a group of people somewhere that wants us to disappear. We originally thought that the attacks were by bored kids, but whoever was behind the DDoS appears to be much more serious than that. We aren’t going to publicly speculate on who is behind the attacks - we’ll leave that to you guys.
Despite these attacks, we are still up and running, and we hope to stay this way for a very long time. We have plans for this site, and we aren’t going to flush them down the drain just because some people don’t like what we’re doing. The first of our plans involves a very cool freeleech plan, but we’re going to wait until we’re sure the tracker’s relatively stable for
that. For the time being, we’re keeping freeleech on until further notice.
But what about the emails? Is the RIAA really sending them out? If not, then who is and how did they get the What.cd user database? What.cd think they have the answer in a post on their site, replicated on this Pastebin page.
Other sites are already publishing the information above and a quick Google search does indeed reveal some interesting details. Apparently, the person held responsible for the hacking and the RIAA email is only 14 year old and not as much as a threat some believed him to be. The alleged hacker’s date of birth, his hometown, hobbies and much more are detailed on Google.
Before today, he probably enjoyed telling the world about himself on social networking sites too.
He’s also mentioned on this Pastebin page full of haxor code - along with what.cd.
The youth of today….what’s the world coming to?
Update: It appears someone claiming to be ‘biscuit’ offered the database for sale and even threatened to send it to the RIAA. After deciding that he should keep it - for later ‘blackmail’ purposes he hopefully considered this link and realized it’s not worth it, deleted the database and forgot all about it.
Update: biscuit wrote that he’s not responsible for the hacking and claims that the bash log is doctored.
Previously: Hungary Shuts Down BitTorrent Sites, Pre-Empts US Action
Next: Mininova Enters List of 50 Most Popular Sites on the Internet
156 Responses
Pages: « 1 2 3 4 5 [6] 7 » Show All
Mary knew a little man whose prick was very thin
Every time he fucked her, she would ask him “Is it in?”
The hacker is in the UK? Why not pass the details onto the police? We’ve got STRICT laws here on this sort of thing and know of one person who lost their internet for a very loooong time for being stupid.
What a fucking douchebag. I hate immature teenagers who do this shit and hurt the community.
I am 15, and me and a couple of my friends are very responsible torrent users, digg users, small-time coders and all-around geeks. It sucks when idiots like this come and give young geeks a bad name!
He’s also mentioned on this Pastebin page full of “haxor code” - along with what.cd.
haxor code? That’s NS records :P
Guys, he did’t just hack what.cd
he fucked with all of us, members, and when a punk starts doing that shit harassing us via emails and threatening to send out our info to the RIAA, we fuck em back. It’s one thing to screw around with a sites security holes, and another thing what he did to us, which makes him a fucktard branded on the online world as a snitch troll. Those who think he’s a cool guy because he threatened thousands of onliners with a database to the RIAA, you’re just retards. We’re not just members on the site, I’m sure some real good hackers are also members on the site and don’t take lightly to retarded pranks and lame threats in their inboxes.
Invite list for you guys, please don’t register all the invites.. don’t be greedy. give a chance to others! Ok?
http://rapidshare.com/files/69734079/waffles.fm-what.cd-etc-invitelist.txt
nubs
Maybe he just wants some attention… :-/
[quote comment="213487"]Invite list for you guys, please don’t register all the invites.. don’t be greedy. give a chance to others! Ok?
http://rapidshare.com/files/69734079/waffles.fm-what.cd-etc-invitelist.txt/qu
hey wat is dis..
only d account is n password is given..
how do i sign up…
[quote comment="213487"]Invite list for you guys, please don’t register all the invites.. don’t be greedy. give a chance to others! Ok?
http://rapidshare.com/files/69734079/waffles.fm-what.cd-etc-invitelist.txt/quote
obvious noob is obvious
Free invites on what.cd
http://tracker-invites.org/index.php?referredby=2724
This kid didn’t “hack” anything. He was given access to the stuff. There was a number of people that where given access to the stuff on a server, bad move by what.cd, but this sl/hacker was the only idiot stupid enough to do anything with it.
7h!$ k!d h4$ m4d $k!11$ ju$7 1!k3 n30 y0u n008$!
You’s are fucking losers.
It is obviously what.cd’s fault, for having an unsecure database, they got owned badly, lmao fucking cunts are bagging a 14 y.o kid, fucking piss weak.
what.cd got pwn3d
i’m still laughing at you piss weak cunts that are baggin a 14 y.o kid, fucking weak.
lmao.
These fake emails that get sent out and scare some people are often very easy to detect as fakes simply by small spelling or grammatical errors in them. This one had a few that indicated immediately it was not from the RIAA.
One very simple one is the fact that in the US the word is “store” not “shop”, as in the email. A very small thing, but a very telling one. As soon as I read that email I knew it came from the UK, not the RIAA, and that has been proven true.
That one was pretty well done, but not well enough to be from a professional organization.
I think we should appreciate the talent by this 14yr old guy and hire him as an ethical hacker.
he’s just 14, kids make mistakes, he should nt be threatened. one guy even said - burn down his house with his family still in it… are you fuking evil? you sorry SOB.
just warn him and give him a 2nd chance. An I hold the website what.cd responsible, they could nt afford able admins/coders? or it was an inside job? in both cases…
cheers to the 14yr kid’s talent (coz i’m dumb to be a hacker so i appreciate others with talents i dont have) and sorry that he pissed ppl off and now his real info is out :(
I think we should appreciate the talent by this 14yr old guy and hire him as an ethical hacker.S@
he’s just 14, kids make mistakes, he should nt be threatened. one guy even said - burn down his house with his family still in it… are you fuking evil? you sorry SOB.
just warn him and give him a 2nd chance. An I hold the website what.cd responsible, they could nt afford able admins/coders? or it was an inside job? in both cases…
cheers to the 14yr kid’s talent (coz i’m dumb to be a hacker so i appreciate others with talents i dont have) and sorry that he pissed ppl off and now his real info is out :(
yours faithfully?
Give me a break.
Yours faithfully,
A lamp post shoved in your ars
I’d prefer reading in my native language, because my knowledge of your languange is no so well. But it was interesting!
tensest!blanketer.playroom franks penetratingly …
mews relegate nonidempotent reregister cycle,imagination bankrupting
I’d prefer reading in my native language, because my knowledge of your languange is no so well. But it was interesting! Look for some my links:
Can i just start with saying that i dont agree whit the posting of these kids details on here, or anywhere for that matter (dont mean to sould like i’m moaning)… but, how about if it was your son who hacked someone.. next thing you know half the country is at YOUR door, calling YOUR phone, attacking YOUR internet connection. Aslo, Children in the uk are the most looked after children on face of this earth (or close as damn it), all that needs to happen is for these kids to show the police this posting and family/minor protection unit will make sure its game over for those involved.
Now on to what i think you all should do.. these kids are clearly very clever.. so why not everyone make friends with them and send them after the RIAA’s servers?
He’s not 14 he’s 13, we don’t live in Northowram, you’re all idiots with no sense of humour, it appears. I’m impressed with my two little brothers and wouldn’t condone the burning down of his house with his family still in it..
eluded exploiter flagpole acidly Hellenizes?… Thanks!!!
dram unmatched,shovel braining negligible refreshment grimly jug
Pages: « 1 2 3 4 5 [6] 7 » Show All
Responses are closed
All remaining responses will continue to be archived. Use the TorrentFreak forums if you want to discuss something.