DNS ‘Seizure’ Takes Out MegaUpload
For the past 24 hours the hugely popular MegaUpload file-hosting service has been rendered inaccessible across many countries around the world. With the United States government ‘Cyber Monday’ domain seizures fresh in everyone’s mind, fingerpointing has been directed at the U.S. authorities. The problems, however, seem to be rooted with the site’s domain registrar since they appear to have ‘seized’ MegaUpload’s DNS records following a dispute.
Make no mistake, the biggest entertainment companies in the world do not like file-hosting site MegaUpload.
Update January 2012: MegaUpload Taken Down, Seized by the Feds
Currently the huge cyberlocker resides on the destroy-them-all SOPA-directed “rogue site” list of the MPAA alongside The Pirate Bay. The site hasn’t gone unnoticed by the RIAA either. MegaUpload is on their list too, sandwiched between the leading torrent sites and warez forums.
So given this background, particularly when viewed through the prism of the ‘Cyber Monday’ domain seizures, it’s hardly surprising that panic set in yesterday when MegaUpload suddenly failed to load for many people all around the world, not just for a few minutes but for hours on end and into today. The site is reported to be back up for some, but Twitter and other networks are awash with complaints that the problems are continuing.
Speculation on the downtime is rife, but it appears that MegaUpload has problems with its domain registrar. At the time of writing, MegaUpload’s current DNS records as reported by Network Tools are listed as ns1.badwhoisshutdown.com and ns2.badwhoisshutdown.com. It’s unclear why the IP address listed (216.239.35.100) belongs to Google.
One of the common causes of this kind of DNS diversion is when domain registrars doubt that the provided WHOIS details for a domain are correct, so they ‘hijack’ the DNS records to prevent the domain resolving to the correct site. In 2009, MegaUpload sister site MegaVideo suffered similar problems but eventually returned after downtime.
TorrentFreak has put a request into MegaUpload for comment, but while we wait for the official response it seems clear that the problems have been massive. Right across the United States into Europe, from the Middle East to the Mediterranean, Japan, Australia, Canada, Brazil and UK, no area seems to have been unaffected.
For many the site remains down even now, providing an interesting taster of what SOPA has in store should it pass. Some reports suggest that switching to Google’s DNS provides a solution to the problem, others that using one of the site’s many IP addresses (http://174.140.154.23/ for example) is a better option.
In the meantime the conspiracy theories will continue. Did MegaUpload’s registrar hijack the DNS over a simple WHOIS detail error? Or perhaps the “trolls” warned about here laid some poison down for the site, or maybe there’s another more simple explanation?
When we get official word from MegaUpload we’ll report back – the AMA request on Reddit would be fun, but we doubt it will go answered.
Update 30th Nov: MegaUpload inform us that there was indeed a nameserver issue affecting the site but there is nothing to worry about and everything is back to normal.
In rare cases it might take a while for every DNS server around the world to be updated (rarely up to 48 hours) but normal service should have already been resumed.
