MediaDefender Anti-Piracy Tools Leaked

Written by Ernesto on September 20, 2007

The MediaDefender-Defenders have released the source code for the “trapping” and decoy software that MediaDefender uses to spread fake files on P2P networks.

Similar to the previously released e-mails, tracking database and phone call this leak is also spread by the group that goes by the name “MediaDefender-Defenders“. In the .nfo that was posted with the torrent we read:

The source is complete for their operations regarding Kazaa, bittorrent, gnutella etc. This system is now released for the public in order to identify the decoys they set up. A special thanks to the MD employee that gave this to us.

It appears that this leak was not collected from the e-mails. The MD-Defenders themselves claim that a MD employee handed over the files to them, but this hasn’t be verified by other sources at this point.

This leak contains a wealth of information and seriously harm MediaDefender’s future operations. BitTorrent tracker owners and other admins who are involved in managing P2P networks can utilize the leaked information to brace themselves against companies like MediaDefender, who try to pollute their networks with fake files.

From the leak it seems that MediaDefender is active on virtually every P2P network, including Usenet.

Not surprisingly, most applications are dedicated to BitTorrent, which is probably their main target because of its popularity. Application names BTPoster, BTSeedInflator, BTDecoyClient and BTInterdictor make it quite obvious what they are supposed to do.

At this point it is still unclear who the MediaDefender-Defenders are and how they got their hands on all this information. MediaDefender has announced that the FBI will be investigating the source of the leaks.

To be continued?

Update: A list of leaked utilities is now available:

AresDataCollector, AresLauncher, AresProtector, AresSupernode, AresUDPDataCollector, AutoUpdater, AutoUpdaterSource, BTClient, BTDataCollector, BTDecoyClient, BTInflationDest, BTInterdictor, BTIPGatherer, BTPoster, BTRemover, BTScraper, BTScraperDLL, BTSearcher, BTSeedInflator, BTTorrentGenerator, BTTorrentSource, BTTracker, BTTrackerChecker, CVS, DCMaster, DCScanner, DCSupply, DistributedKazaaCollector, DllLoader, ED2KSupplyProcessor, EdonkeyIpBanner, FastTrackGift, FastTrackGiftDecoyer, GnutellaDecoyer, GnutellaFileDownloader, GnutellaProtector, GnutellaSupply, KademliaProtector, KazaaDBManager, KazaaLauncher, KazaaSupplyProcessor, KazaaSupplyTaker, KazaaSwarmerDest, KazaaSwarmerDistributedSource, KazaaSwarmerDownloader, KazaaSwarmerSource, MediaMaker, MediaSwarmerDest, MediaSwarmerSource, MetaMachine, MetaMachineHashSetCollector, MetaMachineSpoofer, MI-GnutellaSupply, MovieMaker, NameServer, NetworkMonitor, OverNetLauncher, OvernetProtector, OvernetSpoofer, P2PFileIndexer, PioletDC, PioletPoisoner, PioletSpoofer, SamplePlugIn, SLSKSpooferDLL, SoulSeekClient, StatusDest, StatusSource, SupernodeCollector, SupernodeController, SupernodeDistributer, SupplyProcessor, TKCom, TKFileTransfer, TKLauncher, TKProjectManager, TKSyncher, UsenetPoster, UsenetSearcher, WatchDogControllerDestination, WatchDogControllerSource, WinMxDC, WinMxLauncher, WinMxProtector, wma generator

Saved in: All, Anti-Piracy Gangs, Hot Off The Press | Tagged with:

Tags: , , , ,

Previously: Talk Like a Pirate Day 2007 is Here

Next: Speed Up Your Torrents With Ono

125 Responses (Add yours or TrackBack)

Pages: [1] 2 3 4 5 » Show All

1 Sep 20, 2007 at 13:29 by Gringo Chapin

Too sweet for words!

2 Sep 20, 2007 at 13:32 by jrwr

mediadefender-defenders.com — Still debating whether i should post the source code for download

3 Sep 20, 2007 at 13:35 by David

It’s a shame that personal info like social security numbers made it out along with great stuff like this.

4 Sep 20, 2007 at 13:37 by dAtAfLaSh

…Waiting for somebody who understands this knot of C++ and could tell us exactly what this does ;)

5 Sep 20, 2007 at 13:41 by crenshaw

what a great week to have lousy weather outside..

6 Sep 20, 2007 at 13:43 by dAtAfLaSh

… seems like there is a compiled version of TrapperKeeper in the /release/ dir.

7 Sep 20, 2007 at 13:59 by grant

Goodbye MediaDefender

8 Sep 20, 2007 at 14:19 by Ultimate flavour

Yeah.. so could someone break down what this stuff is?? I am friggin clueless

9 Sep 20, 2007 at 14:30 by qm2003

Well, it is not a ready-to-compile package just yet.

Too many unsolved external references, like crypt51, mysql, …

10 Sep 20, 2007 at 14:48 by TechnoBlogo.com

I posted an earlier item linking to the first MediaDefender email leak, yesterday I noticed mediasentry.net (?) in my weblogs. I wonder if that item I posted was the cause? I kind of hope they send a DMCA notification so I can counter notify and advise them of our free speech rights as a media publisher.

11 Sep 20, 2007 at 14:58 by Noby

Mediadefender != Mediasentry

I guess a competitor just wanted to get reliable information …

12 Sep 20, 2007 at 15:12 by Omega50

Torrentfreak keep up the good work letting everyone know whats going on in the scene!

BTW I hope these apps, wont be used by the other scumbags who make all the scam torrents.

13 Sep 20, 2007 at 15:33 by Jonas

“Yeah.. so could someone break down what this stuff is?? I am friggin clueless”

It’s the code that describes more exactly how their tools may exploit, for example, P2P software weaknesses in order to attack the major P2P networks. Hopefully the information within will aid coders in better patching any exploits.

As #12 said however, nothing is stopping this info from being exploited by scammers etc. But hopefully the P2P developers will win out on this one and the end result will be a more robust network.

14 Sep 20, 2007 at 15:39 by The Profit

I wonder how long till these companies relize that fighting us is a losing battle?

15 Sep 20, 2007 at 15:55 by qm2003

The media companies are greedy knuckleheads.

It’ll be a looong time until they cave in.

16 Sep 20, 2007 at 16:02 by Gordon

A link please ?

17 Sep 20, 2007 at 16:07 by LordSqueak

Hmm, Would be interesting to know just how “Legal” these tools are from an juridical point of view.

18 Sep 20, 2007 at 16:13 by randy saaf

We’re spamming usenet, too:

//
// This file contains a list of
//
//
//
//
giganews news-60.giganews.com gn124059 V3Lrt // banned - searching only
easynews news.easynews.com pauldaman ebertsux37 // banned
giganews-2 news-60.giganews.com gn58936 J4nCid // good
easynews-2 news.easynews.com jomama2069 givemesome420 // good
usenetguide news.usenetguide.com Babykillah@usenetguide.com N7xVlE08 // banned
uncensorednewsfeed binaries.uncensorednewsfeed.com musicman tacobell // good
corenews news.corenews.com gde974cn 168umz // good

19 Sep 20, 2007 at 16:25 by randy saaf

I LOVE MEDIADEFENDER!

20 Sep 20, 2007 at 16:35 by priss

just for to TPB alook for Mediadefender.

Could happen to a nicer bunch of dickheads

21 Sep 20, 2007 at 16:52 by JohhnyFive

Ewwwww, they used Visual Studio.

22 Sep 20, 2007 at 16:56 by JohhnyFive

:ssh;username=jnutter;password=103181;hostname=38.119.66.41:/usr/local/repository

lol, shitty passwords, what amateurs

Pages: [1] 2 3 4 5 » Show All

Add your response

It takes approximately 1 minute for your comment to appear on TorrentFreak after it's posted.