The leak of MediaDefender’s emails caused quite some controversy, Ironically, in a recently leaked phone call, a New York attorney and MediaDefender discuss the security of their email-server. Whilst there is some initial confusion as to where the leak may have originated, they eventually write it off as some technical problem.
The leaked phone call shows that they are unsure about their network protection, their IDS etc. One of the parties is on a VOIP connection which may explain how the leak was obtained.
Similar to the e-mail leak, a group called “MediaDefender-Defenders” released the file, and in the .nfo file we read:
MediaDefender-Defenders proudly presents some more internal MediaDefender stuff… more will follow when time is ready. MediaDefender thinks they’ve shut out their internals from us. Thats what they think.
The subject of the call is rather serious. MediaDefender is apparently involved in an ongoing Child Porn investigation. Their job is to identify child-porn images and report the IPs of the offending computers back to the government. A tricky project since it would mean that they actually have to download and rate the illegal content.
This wont be the end of the leaks according to the “MediaDefender-Defenders”, they claim that more will follow when time is ready.
In addition the the phone call, a huge MySQL database dump from a MediaDefender server was leaked on BitTorrent as well. The database shows tracking and decoy file information for the Gnutella network which is used by P2P clients such as LimeWire.
All this leaked information is a huge blow for MediaDefender, and it will undoubtedly cost them a lot of time and money to clean this up. Interestingly, no evidence can be found that MediaDefender is actually involved in prosecuting or gathering evidence against filesharers (as we reported earlier). Their core business is releasing fake files and polluting the filesharing networks.