NowTorrents Domain Hijacked by Hacker

Ernesto
June 9, 2009
49
nowtorrents
Print

With more than million searches each day NowTorrents is one of the larger torrent search engines on the Internet. The site has grown steadily during recent months, and everything was looking great until a few hours ago, when the owner lost its domain. The domain was hijacked and parked on an account at the popular registrar GoDaddy.

nowtorrents With a few million visitors a month most of the larger torrent sites make lucrative targets for scammers and hackers wanting to cash in on these traffic magnets.

In November 2008, someone used a forged CA driver’s license to take over Torrentz.com, and put some of his own ads on the site. Luckily, the hijack took less than a day to bring to an end and things were back to normal before most users even noticed that something was wrong. But Torrentz is not the only torrent site to interest hackers.

NowTorrents, a torrent meta-search engine that recently acquired a spot among the 10 most visited torrent sites on the Internet, is facing a similar problem. This morning, the admin of the site noticed that he was no longer in control of the domain name as it was transferred to a new registrar, GoDaddy.

Coincidentally, the admin also had two of his email accounts hacked, which could very well be the cause of the domain troubles. He told TorrentFreak that he is doing all he can to resolve the issues. Google has reinstated one of his email accounts after some emails back and forth.

GoDaddy, where the domain was transferred after it was hijacked, is currently looking into the case. It can usually take up to a week before the domain gets transferred back to the rightful owner, the admin said. However, by putting in some calls to a supervisor at GoDaddy he hoped to speed up this process a little.

How the ‘hacker’ gained access to the domains remains a mystery for now. The email password was secure and not really guessable, and all signs currently point to a keylogger. It wouldn’t be the first time that this has happened to an admin of a torrent site.

Nevertheless, the admin of NowTorrents is confident that he will soon regain access to his site. Meanwhile its users will have to be patient and look for alternatives until the site comes back.

Update: the site is coming back slowly, waiting for the DNS to propagate.

Previous Post | Next Post

Follow @torrentfreak

http://www.eZee.se www.eZee.se

Someone find out where Henrik Pontén…. oops, i mean Pirate
Pontén was at the time…
phishybongwaters

hmm, strange, i checked this morning, it was fine, i checked just now, it’s still fine.

In what countries are people reporting the “hijack”?

you know what, I’m getting pissed off that M@ster (nti admin) is not informing us about this there, why do i need to read this on torrent freak when I’m an nti uploader and forum addict?
dairRIAA

I hate script kidiots. They’re the reason why abortion is still legal.
Genieguy

This just sucks. In that week, this guy has probably made alot of cash on this…
The P!nk Pr!nce

‘I hate script kidiots. They’re the reason why abortion is still legal.’

What has that got to do with anything? Abortion is still legal because it should be and you my dear are an idiot.
dairRIAA

@5 Jun 09, 2009 at 20:17 by The P!nk Pr!nce

I believe term “meh” applies to your comment.
NPI

Let’s keep the abortion debate out of this, it’s completely unrelated to torrents and script kiddies.
Robbing Hood

Vigilante White-Hat Pirates is what we be needing here matey’s…arrrgh
phishybongwaters

Well as of right now, the NTi mainpage is up and fine, torrents are all working fine.

So in effect, someone else owns the domain right now? But they’ve done nothing with it?

Time to start thinking logically. You are an admin of a very popular torrent site, with a rls info sister site, and at least 1 other that I know of.

You can’t leave yourself open for this shit. No one would ever slip a keylogger onto my machine because it’s locked down hard, and I monitor ACTIVELY monitor all traffic, be it internal or network, to keep an eye on things.

There is no reason why someone skilled enough to start a major torrent indexing site, would allow this to happen.
phishybongwaters

oh ffs, ignore me, I’m talking about the wrong site.

All is forgiven, and when i say that, i mean I forgive you all for allowing me to be a jackass
Ann Hoknemouse

I think the phrase, “blow out all 3 birthday candles timmy” applies to you DairRIAA

Scridiots need to keep out of politics, they clearly haven’t the experience nor judgment to express their opinions in a way that promotes their cause in any way that would further their cause.
anon

Sweet, whoever this hijacker was, I applaud him/her.
anon

Good the more and more public sites that, good for this hacker and btw ANY decent anti virus will pick up a key logger and don’t forget about brute force attacks. anyway public sites are making more and mroe trouble for anyone that downloads all public sites should be banned
Maroan

anon, you cant be serious… Next time this hijacker could look at YOUR computer, gaining control of your bank account.. Now how much would you applaud about that??
revolution

@3

someone obviously performed a brain abortion on you.
Anonymous

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

lets see if your anti-virus are working with the EICAR.

Your anti-virus should pick up the string as a virus and warn you or in some cases it don’t show the page at all LoL

ps: try saving the string above in a TXT with an anti-virus on :)
http://www.eZee.se www.eZee.se

#13 anon – troll.
#14 – you just fed the troll ;)

On a more serious note, there are a couple of programs that obfuscate keyboard input to throw keyloggers, i dont know which one i use but do a Google search, plenty of them available for a reasonable price.

Another huge problem, people use the same password for two or more accounts, bad habit, break it, make your passwords different even if you just have to add one number at the end.

For example, here are a few passwords that are _almost_ identical

mysecretpass1
mysecretpass2
mysecretpassa
mysecretpassb
mysecretpass#
mysecretpass@
but still good enough if someone gets your first password and tries to access your other accounts.

Cheers!
eZee
dairRIAA

:)
vyvyan

Oh boy! You run a server and you run windows? You had it coming all the time.
dairRIAA

@17 Jun 09, 2009 at 21:49 by http://www.eZee.se

That’s right. There is an amazing amount of free software out there that can systematically hack mail accounts.

There is also an amazing amount of free software that will log key strokes.

Either way, the victim can also foolishly click a link/exe file and suddenly without their knowledge every key stroke is logged and secretly your computer is taken over as well as every e-mail account and domain that you might own. This is how so many web sites get taken over.

They’ve been doing this for many years. Script kiddies do it just because it’s a challenge for them and it’s fun giggling away at the things they can get away with using other peoples scripts.

I’ve been programming for 27 years now. I’ve seen and heard it all before. Script kiddies are little brats that need a good slap.
LZ

GoDaddy love to auction your domains.
NowTorrents Admin

After a very very VERY long day of angry calls, emails, faxes and what not we finally got the domain back.

In total the hackers got 5 domains, some we are still trying to get back.

NowTorrents should be working for most people by now. If you still get an error your DNS hasn’t updated yet.
Anonymous

http://webscripts.softpedia.com/script/Security-Systems/JavaScript-Key-logger-40668.html

You can create a javascript key logger.

Use lynx so your session cookies get never stolen LoL

Ok! I’m fooling around sorry, it’s just a joke but my advice is:

- Use a password generator and make a 100 digit password and use software to store and manage all those passwords.
- Use a sandbox in the form of a virtual machine(virtual box, vmware, gemu etc), or something like “forcefield” that I think is from the guys who make zonealarm.
- Deactivate HTML in your mailbox. Google do have a lot of XSS that could be exploited to acquire cookie sessions and the sad part is google is actually one of the more secure webmails, I would laugh if it was not that serious.
- Try using a text browser like lynx.

that is what I could think of from the top of my head.

Cheers
dairRIAA

Personally, I like the plain text e-mail settings and running the ‘noscript’ plugin for Firefox. I also like using complex alphanumeric and symbols in my e-mail address passwords and using different passwords for critical accounts. ;)
RoestVrijStaal

There are plenty enough torrent search engines. I’m more worried of the rarity of public torrent trackers…
Anonymous

what’s the problem?

his website is nothing more than 1′s and 0′s and you would have to be a fascist, greedy corporate lackey to think you can own 1′s and 0′s…

nowtorrents admin should be happy that anyone would want to hack his website. additionally, he is free to hack it back if he wishes.

and if websites are so easily hackable maybe instead of whining and trying to fight the progression of technology he should start selling t-shirts or something.
Black Pirate

oh i run noscript for firefox and its awsome also try WOT and Ghoustry look that up on the firefox home page its another awsome plugin
Anonymous

Sounds less like a key logger and more like a simple “forgot your password” request on Gmail.
Haha

@NowTorrents Admin

I think U should look for Admax key logger In registry Coz I m still receving logs form u……
Dave – usenet guy

This story is quite worrying. It could happen to any big site. It happened to 4chan a while ago. The problem comes from listing email addresses and personal details along with domain names in whois results. People should use a whois protect service and register domains with an email not listed on their site.

All someone has to do is hack the email account listed, reset the domain registrar password and then transfer the domain. Even if they can’t hack the email they can forge a passport or other ID from the personal details listed.
Dave – usenet guy

By “forge a passport or other ID” I mean forge a scan of one. This is usually accepted as ID by registrars.
manky goes to bollywood

cool story bro :)
basement dweller

Stop badmouthing hackers already! These lamers that exploit for personal gain are as far from true hackers as can be.

Real hackers work for the benefit of the community and they do it for free. Don’t confuse things! Hackers rule. :)
Pingback: Now Torrents Domain Hijacked by Hacker | News Inventory
Bananas in the Falklands

Sounds like Adam Dicker (who is a godaddy employee) wanted the domain name to sell.
dymma

@NowTorrents Admin,

Use some UNIX operating system for your work and make passwords like ‘lU8fhq283xjAHf’ for your accounts

Have a nice time…
Major

TheRIAA/DMCA members continue to play their illegal dirty litte games of trying to Hijacked domain names of sites they don’t like.

Sooner or later they will be caugh!
NowTorrents Admin

In total we lost 5 domain names, but all have been returned to us. We are currently trying to find out who was behind all this.

GoDaddy wasn’t very helpful, after 5 phone calls we still got nowhere… we were told it would take at least 3 days, probably more. Then we demanded to speak to a supervisor and things were sorted out within 2 hours.
1337 h8ter

hackers are sad, lonely and pathetic people. The outside is so much better than a bullying online life
Anonymous

“In total we lost 5 domain names, but all have been returned to us. We are currently trying to find out who was behind all this.”
——————

domain names WANT to be free, dude. cry me a river. how can you sit there and act like you have a legitimate claim to the 1′s and 0′s that make up your five websites? you should be thankful people even want to share your admin status. the real problem would be if no one did…

hacking is here to stay. the genie’s out of the bottle. adapt or die. my suggestion is to give everyone admin status and rights. otherwise you’re just fighting technology and that’s ALWAYS a losing battle. the sooner you let go of your property-whore dinosaur mentality, the better off we’ll all be.
snarko

@26 and @39

That’s by far the funniest shit I’ve seen all day my friend. Kudos.

Personally, I always buy the source code for websites that I’ve hijacked, if I like them enough. I’m a firm believer in the try-before-you buy methodology.
If it weren’t for hacking, I might never get a chance to appreciate the administrators of a lot of the sites that are out there!

Cheers,

Snarko

P.S. Musicians aren’t entitled to anything more than the rest of the population with a hobby. The fact that I can play an instrument well and am in a band doesn’t mean that I deserve a paycheck for it.

P.P.S. Notice, the operative term that musicians use is “play”, not “work”. Get a real job, and pay your bills; Then give your music away on p2p, and do the brain work required to make enough of a profit to keep a fanbase that can support a tour.

P.P.P.S. Being a “musician” is NOT having a real job. I don’t care how passionate you are about the flugelhorn, until you get your ass out on tour and deliver your product, (in the form of a show), you’re just another dilettante with a penchant for blowing.
msupre

New Wallpapers Added.
Visit: http://blog.bitcomet.com/9744199/

Most of the wallpapers are high resolution (HD Wallpapers).
More than 1000 Wallpapers.
Pingback: NowTorrents Domain Hijacked by Hacker | TorrentFreak | webmasterlib.com
Pingback: NowTorrents Domain Hijacked by Hacker | TorrentFreak | webmasterlib.com
Lake

As someone above suggested – use a strong password generator, make secure passwords and store all those passwords in a safe place. I may recommend to have a look at SoftFuse Password Generator for it – http://www.password-generator.com/

Ciao, Lake
HULLA

thats the reason why am i using very new thrusted http://www.go-torrent.com !!!
Bob

@43

Wow that gotorrent site is the biggest TorrentZ rip-off ever. You even use the same ID’s for the files. Time to write TorrentZ a msg to block your servers IP… so you cant steal any more data from him.

http://www.nowtorrents.com is still the best torrents search engine. Im glad its back online!
Entertane.com

Check out http://www.entertane.com for a new meta-search engine – faster, simpler – access to all your favorite torrent searches
allwrk

I prefer use http://www.p2pfinder.com, look that site…

TorrentFreak

The place where breaking news, BitTorrent and copyright collide

NowTorrents Domain Hijacked by Hacker

Related Posts

Previous Post | Next Post

NewsBits

Blu-ray Anti-Piracy Tech Stops Discs and Promotes Purchases

Foxtel Breeds Pirates by Locking Up Game of Thrones

UK Student Admits Breaching Sony Copyrights With Leak of PS3 SDK

Pirates Can Be Identified Despite Sharing IP Addresses, ISP Claims

Feds Seize Cash from Major Bitcoin Exchange’s Dwolla Account

MostDiscussed

Pirate Bay Takes Over Distribution of Censored 3D Printable Gun

McAfee Patents Technology to Detect and Block Pirated Content

Pirate Bay Finds Safe Haven in Iceland, Switches to .IS Domain

Game Pirates Whine About Piracy in Game Dev Simulator

Copyright Trolls Threaten to Call Neighbors of Accused Porn Pirates

CopyQuote

PopularArticles

VPN Services That Take Your Anonymity Seriously, 2013 Edition

Top 10 Most Popular Torrent Sites of 2013

Which VPN Service Providers Really Take Anonymity Seriously?

What’s The Best VPN / Proxy for BitTorrent?

BTGuard Review: How Does it Work?

Optimize Your BitTorrent Download Speed