Major private BitTorrent trackers including What.cd and IPTorrents have been taken offline by Denial of Service attacks. The disruptions are being coordinated by an individual who had a fight last year with What.cd after the site failed to give him an invitation. That particular dispute was followed up by DDoS attacks against a range of sites including The Pirate Bay but the promised daily follow-ups failed to emerge. The question now is whether these new attacks are a prelude to something bigger.
It might come as a surprise but at times the owners of some file-sharing sites are subjected to online bullying.
Over the years several BitTorrent admins have been the victims of extortion attempts which threaten that unless a particular course of action is taken or even payments made, bad things will happen. Of course, due to the nature of their operations site admins have very few places to turn if the going gets rough, which makes them almost perfect victims.
In some cases the threats are hollow and thankfully come to nothing, but at times they are real and when admins refuse to comply they can lose use of their sites following Distributed Denial of Service attacks. On other occasions sites are attacked on a whim or simply for “fun”.
During the past 24 hours four private BitTorrent trackers including What.cd, IPTorrents, HDBits.org and SceneAccess have all been hit with these kinds of attacks. The latter pair appear to be recovering but the two really big ones are still suffering.
IPTorrents is a huge private tracker with traffic levels approaching those currently being enjoyed by Kim Dotcom’s Mega.co.nz. Canada-based What.cd needs little introduction as the world’s largest music tracker, a title it inherited from the now-defunct OiNK.
The attacks against the sites are being launched by an old adversary of What.cd. The individual, who calls himself Zeiko Anonymous, is a character that entered the news in November 2012 when a spat he had with What.cd staff spilled over into a public dispute.
What.cd refused to give into Zeiko’s demands and in return the mystery individual DDoSd the site, but Zeiko didn’t stop there. During the days that followed other sites were also attacked including The Pirate Bay, isoHunt, 1337x, BitSnoop, Fenopy, TorrentPortal, BroadcastTheNet, PassThePopcorn and HDBits. Breaking the torrent site theme, Zeiko also went after RLSlog.
This time around there is no sign of any fresh dispute with the sites being attacked although last week Zeiko welcomed 2013 on his Twitter account with the announcement “LETS KILL PIRACY!!”
The question now is whether these latest attacks are an isolated incident or a prelude to something bigger. That question remains unanswered, at least for now.
So apart from internal tweaks, what can sites do to mitigate DDoS attacks? Some choose to use the services of a company like CloudFlare who claim to be able to handle even the most aggressive of attacks. However, using CloudFlare on torrent sites isn’t quite as straightforward as one might expect.
Last year TorrentFreak obtained emails sent by CloudFlare to the owner of a Pirate Bay proxy site which contained complaints from rightsholders claiming that the site supported by CloudFlare was offering access to infringing content.
There’s not much new there of course except that in addition to offering DDoS protection, CloudFlare is often used to shield the true location of a website from prying eyes. However, when a complaint is received from rightsholders CloudFlare tells its customers this:
We’ve provided the name of the web hosting provider which hosts your server as we are required to do by law.
So while DDoS protection might be available, privacy is undone in an instant. Despite several attempts, CloudFlare ignored TorrentFreak’s request for comment.