The raid on Demonoid’s servers and the reports that a criminal investigation has been started against the site is causing some panic among the site’s users. Was the user data encrypted? Can the authorities see what people have downloaded? Without official comment from Demonoid’s admin these questions are hard to answer, but a massive legal operation aimed at the site’s users seems highly unlikely.
Earlier this week the news broke that after the popular BitTorrent tracker Demonoid suffered a DDoS and hacker attack, it had also been raided by the Ukrainian authorities.
Roughly a week ago government investigators arrived at Demonoid’s hosting provider ColoCall to pull the site offline. According to Sergei Burlakov of Ukraine’s Ministry of Internal Affairs the authorities acted on a request from Interpol.
“The Division of Economic Crimes [DEC] received an international request from Interpol to send a request to the company ColoCall. DEC sent the request to the provider, after which the ISP decided to stop working with Demonoid,” he said.
The request related to a criminal investigation in Mexico, where one person was arrested for his connection to the BitTorrent tracker last fall.
Judging by the strain on the TorrentFreak mailbox the raids have caused some of Demonoid’s users considerable panic, probably due to them having shared copyrighted material via the site. Now that the Ukrainian police have access to Demonoid’s data, they are naturally wondering to what extent they are exposed.
TorrentFreak posed this question to the sole tech admin of the site, but since the raids we haven’t had a response. This means that we can’t report whether some, all, or none of the user data was encrypted. What we do know is that Demonoid was prone to collecting erroneous stats, often counting uploads and downloads against users who never carried them out.
However, looking at similar raids in the past it seems highly unlikely that the authorities will go after large groups of individual users. Even if they do plan to target members (there is no indication at the moment) the most likely scenario is that they would single out a few of the top uploaders, or those who were the first to upload prominent movies, particularly if they did so in bulk.
The only thing we know for certain at this point is that there’s an investigation against Demonoid in Mexico. A source inside ColoCall (Demonoid’s former host) confirmed the Mexican connection when speaking to reporter Maria Popova of Ukrainian news site Kommersant.ua on August 6. Then working back, the MPAA reported the arrest of the site’s admin to the USTR October 26, 2011 (see page 4 of this report), and the IFPI congratulated the Mexican Attorney General’s office on the raid in this official government document from October 6, 2011.
While we always strive to publish sincere and detailed articles on cases like these, it appears that one alleged and presumably now ex-moderator of Demonoid felt the need to tell Vice our reporting is “as reliable as Fox News” and that “anything from TorrentFreak should be taken with a kilo of salt.”
This attack appears to be based on one single mention where we quoted the ColoCall source who said that the site’s administration was based in Mexico. While we never gave any credence to the quote, in light of the previous documented arrest in Mexico, the MPAA’s statement to the USTR and IFPI’s congratulations to the Mexican government, we thought it was worth mentioning.
Of course this is not the first time that Demonoid “staff” have lashed out against TorrentFreak. In 2007 we were called out as liars by Demonoid’s IRC and forum moderators when we reported that the CRIA was behind’s Demonoid’s downtime. A week later Demonoid confirmed our report.
But back to the key point in hand – if we hear anything at all about the fate of user data on Demonoid, who has access to it and/or to what level it was encrypted, we’ll be sure to report back.