Hackers Run Wild Spending BitTorrent Tracker’s Donations
Written by enigmax on December 29, 2007The SuperTorrents BitTorrent tracker has been the subject of a major security breach, with hackers gaining access to private accounts from which they donated all the site’s money to a religious group. The hackers even went as far as contacting the site’s host and canceled all of their seedboxes.
Earlier this year, the anti-piracy company MediaDefender was torn apart when its email system was compromised and hackers laid the company’s secrets bare for the world to see. Some months later, the SuperTorrents (ST) BitTorrent tracker has been the victim of hackers. According to a so-called ’scene notice’ circulating at the moment, the 35,000 member site was compromised when the hackers discovered that the admin of ST used the same password on a lot of other sites, as he does on other accounts - email etc. This is the same mistake that MediaDefender made.
The notice begins:
Now this is the story all about how Ersan’s life got flipped turned upside down and I’d like to take a minute and just sit right there and tell you how Ersan became the prince of a town called bel air. This weeks source of lulz is provided free of charge via a site called supertorrents.org and the nicest Administrator you’ve ever met, Ersan.
The hackers discovered that the same password secured the site’s PayPal donations account. They claimed that due to the admin of ST making derogatory comments about a religious group, they decided to donate all the site’s available donations - over $2000 - to an Internet portal dedicated to that same religion.
While the hackers said they had fun deleting and disabling some more minor accounts like the admins YouTube account, they had rather more malice in mind when they managed to get access to the admins Gmail account (same as MediaDefender again). They discovered the admin’s real name, address, age and even the car he drives. After having fun making a mess of the account, the hackers said: “At this point we just deleted his account, because maximum lulz were achieved.”
The hackers then accessed the site’s admin panel for communicating with their host: “we logged into his [hosts] account panel where he hosts the supertorrents seedboxes and canceled them.”
The hackers give an explanation of the way they compromised the site:
“This all began a few days ago. Me and some friends were scoping around supertorrents irc network, when we discovered that they had a public prechan. Upon discovering this moderate scene security problem some friends and I decided to check the security of said prebot, turns out it was not so secure. Upon rooting the box and grabbing the unsecure predb and some scripts to play with we then rainbow tabled’d his password hash”
The motives for hacking the site seem to be twofold. Many Scene members consider torrent sites to be to blame for compromising their security and there does seem to be indication that this provoked the hacking in part. Money is mentioned quite a lot, in that it seems the hackers are annoyed at the level of donations at SuperTorrents, even appealing to the members to consider where their money is going.
It’s also claimed that many torrent sites are getting their releases from the same place and there are suggestions that this supply to the BitTorrent community should be strangled.
No doubt the MPAA will be delighted to hear this.
Update: More information is coming through which suggests that Ersan feels that his address hasn’t been compromised and he doesn’t drive the car the hackers say he does. Ersan says that his host did not cancel the seedboxes and he further says that his Google email (far from being deleted) is actually recovered and the password has been reset. He continues: “From what I can tell, the server that they’re talking about was not rooted, but I’m going to reload the OS on it anyway. This has no effect on SuperTorrents in any way, it just screws with my personal email and finances for a few days. The worst part is not knowing the extent of the damages that have been done, if all that was done was what was stated above then I’ll be fine. If they downloaded all of my emails and chat logs or something then I have a real problem on my hands”
Update 2: The hackers seem to have responded: “Nice attempt at damage control. :/ We do have your real street address, among with a few others you were using. If we were just going to blank it out anyway, whats it matter? Shouldn’t you be happy we did that, I guess we could go with the unedited copies of your name and addresses for the third notice. You just made an order XXXXXXX.com (lol, nerd) would you like us to post the usps tracking number & address? (1) Your address is talked about many times in google chats, once again you’re lucky we dont post them here. You did buy a BRANDX(car), for $12,000. Heres some screenshots (2&3). We could always post more information about it, as we have your entire email box from a few weeks ago until now. Would you like us to? was it your father or brother that you got the carfax for, lol?”
In reponse to Ersan’s claim that the host did not cancel his servers: “Correct, [host] did not cancel your servers, they did however cancel your account. Oh well I guess we can’t win them all.”
The hackers then go on to deny that Ersan has recoverd his Gmail account and provide some sort of screenshot as proof. They also ask Ersan to stop sending ‘forgot my password’ to his own account as “it’s not helping.” They then go on to use Ersan’s real name and in what could be seen as a veiled threat say: “Be thankful Eric, that we didn’t give you the raging that was easily possible with all of the email and google chat logs we have. We PROBABLY won’t release those, but hey you never know! :)”
thanks r10t
Previously: Steal This Film 2 Goes Live
Next: Top 10 Most Popular Torrent Sites of 2007
247 Responses
Pages: « 1 2 3 4 [5] 6 7 8 9 10 » Show All
I wonder if Ersan can get them for grand larceny, or whatever the digital equivalent is. Regardless of their intent or the reasons behind doing what they did, they stole $2000. That isn’t pocket change.
They didn’t steal it, I got it back within 2 days… This whole thing is blown out of proportion.
good to see that the scene is doing the MPAAs work for them now.
I see many problems with what these guys did:
1) donate the money to a religious org. Just awful :(
2) If they don’t like that admin, then fine mess with him all you want, but don’t in such a way that it also messes with the users. As far as I’m concerned that’s declaring war on all of us that use torrent sites.
3) Helping the MPAA!!! Those douche bags should be hanged so congrats crackers you are douche bags by association.
4) Giving a bad name to true hackers. This is called “cracking” for a reason. Hackers make electronics do things that they weren’t intended to do. Crackers maliciously enter others systems. Get it right so the brain-dead public doesn’t hear the word and get the wrong idea!
[quote comment="251300"][quote=251246]
Want some cheese with that whine, knobchops? You’re the wanker doing all the whining.
I’m a fucking PIRATE, you twat; ergo, I don’t pay to download shit. I don’t pay the retailer & I CERTAINLY don’t pay other pirates for the privilege.
If you can’t afford to run a service, then FUCK OFF - don’t come begz0ring to me about monthly fees. I can find the downloads a thousand other places that cost fuck-all.
Now ETPOMSAD, dimbulb…
HTH HAND kthxbai[/quote]
Idiot. Your arguement might be more convincing if it wasn’t so full of shit. If it was compulsory to donate to use the site. It isn’t. Demonising sites that ask for donations doesn’t help, and whats more why dont u just try and find a torrent site that doesn’t have donations button. You wont find one that has any decent quality of service.
The only difference here is that you get something back if you choose to - something you don’t on a lot.[/quote]
Oh WELL DONE, lamebrain!
You COMPLETELY FAILED to respond to any of my points. Do you have to pay to FTP? Usenet? IRC even? LMFAO! These are all valid methods of downloading content that cost (not counting premium Usenet services a la Giganews et al) - guess what? Nothing. Nada. Zilch. The big zero…
I reiterate: Anyone who asks for cash - in ANY form - in return for services in assistance of downloading pirated content is a thieving scat-muncher.
Your autospank grade: D+ ‘Must Try Harder’. Do try to keep up now.
Fucking slurpee tards…
I am a mebmer of teh sUPRETORRNETS adn I love to paYS FRO TEH FrEe dowlnlaods!!!!11!!!
Ps I Aem an SCaTMUNhcer!!!2!
[quote comment="251258"]i think some of you cunts have missed the point of donations! you are not and never have been asked to give to
Super Torrents by any of the staff! it is simply a way of helping keep the site alive! so what are you all suggesting that these guys pay for all this themselves? they do enough in the rest of the work they do! i give them a few dollars every month and im proud to be a member and give them a hand in the costs!servers aint cheap,and afaik the uploaders pay for their own seedboxes not supertorrents
how many other trackers are giving every penny that comes their way to charity this month? cause we at ST are! $10.000 i believe so stfu all you hater tosspots[/quote]
Excellent! How about if I set up something like that, collect money for charity, so I can write off all the taxes on my income too!! I’d like to get a 10K charity receipt.
[quote comment="251364"]I see many problems with what these guys did:
1) donate the money to a religious org. Just awful :(
2) If they don’t like that admin, then fine mess with him all you want, but don’t in such a way that it also messes with the users. As far as I’m concerned that’s declaring war on all of us that use torrent sites.
3) Helping the MPAA!!! Those douche bags should be hanged so congrats crackers you are douche bags by association.
4) Giving a bad name to true hackers. This is called “cracking” for a reason. Hackers make electronics do things that they weren’t intended to do. Crackers maliciously enter others systems. Get it right so the brain-dead public doesn’t hear the word and get the wrong idea![/quote]
yeah donating money is bad….. next time donate the koolaid to them.
[quote comment="251091"]you can find them at:
4chan.org
7chan.org
420chan.org
12chan.org
[warning, many boards are not safe for work][/quote]
Actually, this sounds like the Lulznet douchbags that hacked 4chan a few weeks ago.
One has to ask why you are posting about a torrent site on a torrent news site. If you love IRC/FTP so much, then go back there with the other kiddies, I hardly expect anyone will miss you about. There you can be as self centered and/or important as you like.
everyone i have an anouncment to make!
I am an Elite Hacker!
I can do great things such as grenade hop in Counterstike.
I am the greatest Hacker in the world and you script kiddies can jump off a cliff.
lol
come on guys who cares.
as for stealing the donations, that was not good all that did was make you look bad. the rest i got a laugh from.
as for the admin you should have taken better care of your online stuff. the same password for all accounts is a pretty stupid thing, i hope you have learnt your leson on that end.
and the scene……what is your problem? you could have handled that a lot better, instead you acted like a bunch of 12 year olds going through puberty, honestly i expected better from you.
as for the whole religion thing, isnt it time we put all that crap behind us?
muslims are blowing themselves up to kill people.
christains are commiting genocide…….
and the religion of bob wants me to drink some punch…
im going to make a large donation to supertorrents now that ive read this article… and more so the comments attached to it.
anyone that has to deal with such idiots in a ’scene’ deserves some kind of relief
Fuck all you pirate thieves, we will shut you all down for stealing our content and making money from it.
Viva La GFY.com
lol you loser hackers ought to be doing something useful with your supposed mad skills, like opening up peoples routers so wireless ip phones take out greedy corporations, not stepping on a guy that’s managed to make a bit of profit running a service for people. Heck how about you use those brain cells to maybe figure out how to get rid of isp’s next. Do something useful, this hasn’t accomplished anything, his site is still running and now he’s getting more donations and publicity because of you fucktards. All that work trying to hurt someone and it’s done the exact opposite — bunch blithering morons for script kiddies. Has anybody traced back their ip’s to see where that leads them? You’ll at least get some sort of clues, maybe they were stupid enough to use their own internet connection to do this. Maybe they left their hardware mac address in a log somewhere. Maybe that hardware mac address can be tied back to their equipment, which might be registered. A true hacker would be-able to cover up their tracks, these guys don’t sound professional, they sound like a bunch of llamas you can catch eventually and teach ‘em a lesson. Your dad has ties in law enforcement you could probably get him to help you with regards to tracing them back, at least to geographical location. I’m just waiting to get a bigger piece of the picture so I can see how much these fools ended up screwing up. Hackers don’t use leetspeak anymore it’s been rendered gay by script kiddies and wannabees. Hey script kiddies hack my penis with your lips.
fyi the scene hates p2p
just another “class” differential that morons who only care about money make up
[quote comment="251378"]im going to make a large donation to supertorrents now that ive read this article… and more so the comments attached to it.
anyone that has to deal with such idiots in a ’scene’ deserves some kind of relief[/quote]
So save your money & blow him, cuntbubble.
[quote comment="251388"]
[...] morons who only care about money [...][/quote]
eg paytoleech admins.
a total suss story
another dirty smear campaign by the MAFIAA against the bittorrent scene
[quote comment="251300"]
why dont u just try and find a torrent site that doesn’t have donations button. You wont find one that has any decent quality of service.
quote]
You silly twat. Nigh on all of the ‘ethical’ sites use banner advertising to cover their costs. If YOU can’t find any, it’s nobody’s fault but your own. Just keep on paying up for free gear, llama.
Piss on pay-2-leech sites.
Bunch of wankers. Apparently these “lulz” are also obtainable through DDoS attacks on popular websites and other ways of being an utter plonker.
Of course one day they’re going to slip up and end up in the fed’ral pound-me-in-the-bum. Until then, site operators had best get their bleeping security in gear.
these stories are setups. they always include the element of
1. infighting amongst thieves
2. seed boxes
3. impropriety and dishonesty with donations
implying criminal piracy etc
these stories are always the same
i was banned from slyck for posting against one of these propaganda smears
the site reported on slyck 3 months ago, same story, site was 4 weeks old, 6 seed boxes, members donating $12,000/month, then the admin’s private files were exposed etc etc
you know the reality of income versus outgoings and you are deep in irc
always these sites they make the stories on are so new nobody knows them but the revenue income is fantastic
it is all BS but this is sold as truth to blogs and news sites and next thing you know it is truth
i have hardcore uploaders, it dont get deeper into the scene than we
this story it is all crap, these people are actors
look at the number of diggs for a new story about nothing
it is an organised smear against the scene
Ersan, these jerks own http://www.itsoverninethousand.com
According to internic registration the owner is george henderson, in ottawa.
According to reverse lookup of the number:
(614) 245-1145 is a land line based in New Albany (Franklin), OH
In order to have ownership of a domain the registrar must be-able to contact the owner. Time to figure out if that is a working phone number or not. The name and address are both fake, but the number has to be accurate or else you can request the registrar take the domain down (because terms of service for domain means you must have valid contact information).
If it is a working phone number and the guy contends that he does not own the domain, then don’t believe him but see if his domain goes down after getting ahold of registrar.
Also be sure to figure out who’s hosting the domain.
You should also have a word with coloquest.com, and mention the server and see what they have to say since I’m seeing a route through their network. More importantly, they would have an idea of who has access to that server, where exactly it physically is, ips of people accessing the site, etc.
My guess is these pricks are easy to catch, you just gotta do a little investigating. With your dad’s help, you can move on their tracks alot quicker with help from law enforcement authorities where the hosting provider is located, that server contains valuable evidence as to their identity.
Of all the things these kids could hack they pick a torrent site? This leads me to beleive they got the password by sheer luck and when they found out he used the same password everywere the geeks decided to get there 15 minutes of e-fame. Worst part is the boasting from the hacker kids.
500$ says these kids are American. What with the religious bs and all.
Pages: « 1 2 3 4 [5] 6 7 8 9 10 » Show All
Responses are closed
All remaining responses will continue to be archived. Use the TorrentFreak forums if you want to discuss something.