BitSoup, one of the Internet’s most established private BitTorrent trackers, has been under attack during the past two weeks. The site has been compromised and defaced, with the hackers gifting ratio credits to site users alongside unsubstantiated claims that money generated by a recent Hurricane Sandy fund-raiser might be misappropriated. BitSoup say the matter is being brought under control and that the new year will see the site shift to a new, less vulnerable domain.
Torrent sites are not only a magnet for people looking for content, they also attract enemies. While large copyright-dependent industries are obviously interested in their activities, opponents can take other forms.
In recent weeks some of the largest torrent sites on the Internet have been targeted, with The Pirate Bay, isoHunt, 1337x, BitSnoop, Fenopy and others all hit with DDoS attacks.
What.cd, one of the largest private trackers, was also hit, but it is not the only invite-only site to be hit this month. Although not DDoS-related, the long-established BitSoup tracker has recently been suffering woes of its own.
“As many members now know BitSoup has been under attack over the past 2 weeks. We have taken the steps to harden the site from future attacks best we can,” the site’s operators said in an announcement before the weekend.
The initial attack on BitSoup came in quite an unusual form, but to understand that we first need to explain a little about how the site works.
Like most private trackers BitSoup operates a ratio system in which users are expected to upload the same amount of data as they take from the site. Failure to do so leads to a sharing ratio of less than 1.0. For example, a ratio of 0.7 means that uploaded data is only 70% of that downloaded.
When a user’s ratio drops below a certain amount they are at risk of being banned from the site. This situation can be fixed by either uploading more data or making a cash donation which results in a so-called “ratio credit” that brings the account above the banning limit.
What the hackers did initially was to modify site users’ accounts so it looked like they had uploaded more data than they actually had, the idea being to reduce the number of people donating to the site.
However, while some people do indeed donate to fix ratio, many users do so because they love the site and the community. There can be little doubt that BitSoup has a large and enthusiastic following that will donate no matter what.
In any event, BitSoup immediately took steps to nullify the attack by making a goodwill gesture of their own.
“On December 1st all members will get 800GB added to their accounts as a [birthday] gift from BitSoup to our great members,” the site’s operators announced.
But then, just when it appeared that the problems were over, this weekend brought more misery. The attackers, who claim to be from Anonymous (but of course anyone can do that), came back with a new assault.
After obtaining access to the site’s SMTP server the attackers sent emails to BitSoup members claiming that a recent effort by the site to raise funds for Hurricane Sandy victims was made in bad faith.
“Bitsoup, you have abused charity for your own gain. You have led your members to believe they gave to help storm victims only to satisfy your own desires. You have abused the freedom of the internet, the good faith of your members and the dire needs of disaster victims to raise money for yourself,” the mail began.
The message goes on to state that PayPal and law enforcement have been tipped off about the site and that the attackers now hold the site’s database. The mail was signed off by Anonymous but despite its length offered no evidence to back up the allegations of charity fund misappropriation.
Round about the same time the site’s forums and tracker were defaced, with threads created claiming that the fundraiser was fake and torrents renamed to offer a warning.
Many users reported not being able to access the site over the weekend, but by now things appear to be getting back to normal.
“The MPAA has never since the day we opened our doors been a threat to us for many reasons we will not get into. We know the wankers that attacked us are nothing but brats and no matter what they do we will always come back stronger,” the site’s operators said in a statement.
“Starting in January 2013 we will be undertaking some major upgrades to the site adding features and tweaking others. We will also stop using bitsoup.org as our domain in the new year to make it harder for any government in USA to take our domain. Our new domain will be bitsoup.me.”