Hackers Run Wild Spending BitTorrent Tracker’s Donations
Written by enigmax on December 29, 2007The SuperTorrents BitTorrent tracker has been the subject of a major security breach, with hackers gaining access to private accounts from which they donated all the site’s money to a religious group. The hackers even went as far as contacting the site’s host and canceled all of their seedboxes.
Earlier this year, the anti-piracy company MediaDefender was torn apart when its email system was compromised and hackers laid the company’s secrets bare for the world to see. Some months later, the SuperTorrents (ST) BitTorrent tracker has been the victim of hackers. According to a so-called ’scene notice’ circulating at the moment, the 35,000 member site was compromised when the hackers discovered that the admin of ST used the same password on a lot of other sites, as he does on other accounts - email etc. This is the same mistake that MediaDefender made.
The notice begins:
Now this is the story all about how Ersan’s life got flipped turned upside down and I’d like to take a minute and just sit right there and tell you how Ersan became the prince of a town called bel air. This weeks source of lulz is provided free of charge via a site called supertorrents.org and the nicest Administrator you’ve ever met, Ersan.
The hackers discovered that the same password secured the site’s PayPal donations account. They claimed that due to the admin of ST making derogatory comments about a religious group, they decided to donate all the site’s available donations - over $2000 - to an Internet portal dedicated to that same religion.
While the hackers said they had fun deleting and disabling some more minor accounts like the admins YouTube account, they had rather more malice in mind when they managed to get access to the admins Gmail account (same as MediaDefender again). They discovered the admin’s real name, address, age and even the car he drives. After having fun making a mess of the account, the hackers said: “At this point we just deleted his account, because maximum lulz were achieved.”
The hackers then accessed the site’s admin panel for communicating with their host: “we logged into his [hosts] account panel where he hosts the supertorrents seedboxes and canceled them.”
The hackers give an explanation of the way they compromised the site:
“This all began a few days ago. Me and some friends were scoping around supertorrents irc network, when we discovered that they had a public prechan. Upon discovering this moderate scene security problem some friends and I decided to check the security of said prebot, turns out it was not so secure. Upon rooting the box and grabbing the unsecure predb and some scripts to play with we then rainbow tabled’d his password hash”
The motives for hacking the site seem to be twofold. Many Scene members consider torrent sites to be to blame for compromising their security and there does seem to be indication that this provoked the hacking in part. Money is mentioned quite a lot, in that it seems the hackers are annoyed at the level of donations at SuperTorrents, even appealing to the members to consider where their money is going.
It’s also claimed that many torrent sites are getting their releases from the same place and there are suggestions that this supply to the BitTorrent community should be strangled.
No doubt the MPAA will be delighted to hear this.
Update: More information is coming through which suggests that Ersan feels that his address hasn’t been compromised and he doesn’t drive the car the hackers say he does. Ersan says that his host did not cancel the seedboxes and he further says that his Google email (far from being deleted) is actually recovered and the password has been reset. He continues: “From what I can tell, the server that they’re talking about was not rooted, but I’m going to reload the OS on it anyway. This has no effect on SuperTorrents in any way, it just screws with my personal email and finances for a few days. The worst part is not knowing the extent of the damages that have been done, if all that was done was what was stated above then I’ll be fine. If they downloaded all of my emails and chat logs or something then I have a real problem on my hands”
Update 2: The hackers seem to have responded: “Nice attempt at damage control. :/ We do have your real street address, among with a few others you were using. If we were just going to blank it out anyway, whats it matter? Shouldn’t you be happy we did that, I guess we could go with the unedited copies of your name and addresses for the third notice. You just made an order XXXXXXX.com (lol, nerd) would you like us to post the usps tracking number & address? (1) Your address is talked about many times in google chats, once again you’re lucky we dont post them here. You did buy a BRANDX(car), for $12,000. Heres some screenshots (2&3). We could always post more information about it, as we have your entire email box from a few weeks ago until now. Would you like us to? was it your father or brother that you got the carfax for, lol?”
In reponse to Ersan’s claim that the host did not cancel his servers: “Correct, [host] did not cancel your servers, they did however cancel your account. Oh well I guess we can’t win them all.”
The hackers then go on to deny that Ersan has recoverd his Gmail account and provide some sort of screenshot as proof. They also ask Ersan to stop sending ‘forgot my password’ to his own account as “it’s not helping.” They then go on to use Ersan’s real name and in what could be seen as a veiled threat say: “Be thankful Eric, that we didn’t give you the raging that was easily possible with all of the email and google chat logs we have. We PROBABLY won’t release those, but hey you never know! :)”
thanks r10t
Previously: Steal This Film 2 Goes Live
Next: Top 10 Most Popular Torrent Sites of 2007
247 Responses
Pages: « 1 2 3 4 5 [6] 7 8 9 10 » Show All
[quote comment="251389"]
So save your money & blow him, cuntbubble.[/quote]
You just gave me my epic lulz for the day
http://tinyurl.com/323h3y
lol they are american, that’s why their host is located in the us, the landline is in the us, nevermind the fake address. So my guess is these fools are from ohio. Which means they can’t get to colorado fast enough to clean up their tracks if they screwed up.
Fuck those little bastards! All religion is evil!
[quote comment="251422"]Fuck those little bastards! All religion is evil![/quote]
your right!
What hackers..? Dick wad script kiddies…..lols R on them AAAhh haahhaa
They got lucky with a weak password and then did what dick wad script kiddies do… They circle jerked themselves and revealed to the world that they are elite lOOzers… NOBODY IS IMPRESSED or even cares past the first post
The reason why I’m saying the address is fake is because the postal code is for north york, not ottawa. I have no clue where mail would get delivered but my guess is to one place or the other, either a george henderson in that postal code area (which I doubt), or to that street address in ottawa (which I’m certain wouldn’t be a valid addy regardless). But the phone number would have to be real enough, I would have expected a cell phone, not a landline. The landline clue there makes me think they are n00bs. They must have working contact or their domain is toast. And I don’t have to hack a thing, just watch other people do the work and take you down. haha….l337 my a$$
cmon pu55y hackers whatcha gunna do? you can’t save your domain, you can’t save your hosting, both are gunna be toast. hahahahaha…. and there’s nothin you can do about it. bye bye. no hacking needed just calling them up ‘ll do and mentioning situation. now some lolz for me. Maybe I’d waste my real talent on you if you weren’t such a savory target. I like stompin bitch ass wannabees.
a disposable cellphone would work good, landlines have physicall locations assosiated with them,
then again how often does someone ring up every number on every domain and check it out?
or the real owner could play dumb and say they “hacked it”
dang.
lol I doubt very much it got hacked by anybody, that domain is clearly theirs. It also contains logs of the morons that posted on there. U think a hacker is gunna spend that much time on a site like that without being noticed? LOLZ. That’s them they just ain’t all that bright, easy to find, easy to stomp, they should start begging for forgiveness now cuz they can get stomped real bad by some real hackers if needbe.
I find is quite ironic that the scene will “hack” ST over donations but will allow pay to leech on their ftp servers…
has anybody tried egging them on through their contact page? (LOL) email your remarks to them I’m sure they’ll love it and sit there and respond to each and every single one.
IDIOT!!! Using the same password for everything? I don’t know how people can do that. Especially a site admin. Oh well he got what was coming to him. Plus, it was just a shitty pay to leech site.
PS: I wouldn’t be surprised if those “hackers” got arrested. $2000 is a lot of money to take away. Poor dude. Still, he had it coming.
lol they use windows. :P real hackers don’t use windows.
real hackers use linux
http://tlf.cx/bilder/h4×0rs_durex.jpg
lmao to be more specific slackware. Funny tho the geeks nowadays get laid o plenty…
real hackers don’t use vista…
HAHAHAHA. This is too damn funny. Running a big site that has an impact on the anonymity of all prospective visitors/users…. the admin has a DUTY to keep that site safely patched and monitored in case of exploiters. Anyone who runs even just a regular, non-script heavy website knows this.
You get what you deserve if you play with blind glee in the sandbox where you KNOW infected needles are hiding.
For all you “Save the Whales, Piracy for the People” simpletons, that last comment is called a “metaphor”
that’s why you guard your own anoniminity. Using wifi. Just make sure you can fiddle with your mac address, what can they prove then?
[quote comment="251456"]real hackers don’t use vista…[/quote]
eew vista is gross, aero is nifty, but u can get that loaded on linux with compiz-fusion and gnome. Much better :) just be nice if there weren’t bug issues.
this is how i hack
http://farm2.static.flickr.com/1315/1393981802_cab80c7198.jpg
(no not me, just a random pic off google)
Down with the noob torrent sites!
I might like to add my two cents, having to jump through hoops to get onto a tracker is lame. :P honestly what’s the use, I’m sick of seeing trolls asking for money for invites makes me not even wanna bother getting involved in that game cuz if I have a hard time finding something, I just ask someone else to get it for me. Even in these forums all these dorks asking for money for invites to torrentleech and other sites, how lame. Just as stupid as gmail invites being auctioned on ebay. I can kind of sympathize with these hackers but I just find the things they did to this poor guy really offensive, most people are on here because they are sick of capitalism, because they don’t like throwing away their life for junk that is just copied and given to them. We are sick of working for squat, and we don’t need this crap anymore, and our way of fighting back is to keep our money in our pocket.
i hate those trolls to, so annoying
Pages: « 1 2 3 4 5 [6] 7 8 9 10 » Show All
Responses are closed
All remaining responses will continue to be archived. Use the TorrentFreak forums if you want to discuss something.