This morning Katz visitors noticed a rather dramatic change. After having displayed the message Hacked :) for a short while, visitors to the site were redirected to rapid-downloads.com, a scammy pay-to-download service.

Aside from the main site, all subdomains, the forums and Katz’s adult site were redirecting to the same page as well, all via the same referral link. No official explanation has been offered by the site’s operators, but Katz appears to have fallen victim to a malicious hacker who is trying to make a few bucks off unsuspected users.

Theories as to the site’s fate currently remain just that, but all signs point to a site or domain vulnerability that has been exploited. TorrentFreak has spoken with sources close to Katz, and although neither could inform us about what was going on, we were assured that the Katz operators themselves have no reason to setup the redirect.

This would make sense, particularly since the regular operation would probably bring in more revenue than this type of redirect would, especially in the long run.

The question, however, is why it has remained ‘hacked’ for almost a day now? This seems to suggest that something more serious than a code or server vulnerability has struck the site(s).

Interestingly, one of Katz’s main competitors PhazeDDL suffered a similar hack during October last year. At the time, the Katz Twitter account took advantage of the situation, claiming it was not hacked but shut down.

“PhazeDDL has shut down (not hacked). Have you tried Katz Downloads? http://katz.cd/” one of the tweets said.

The true nature of the hack and redirect will probably become clear in the coming days. If we receive more solid information regarding the situation in the coming hours we will add it to this post. Meanwhile, Katz users and the many forums that depend on its traffic will have to remain patient, or try one of the many alternatives.

Update: Several sources seem to suggest that “internal troubles” are the cause of the current situation, and that it may not return quickly or at all in its old form.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

But of course, being hacked isn’t the sole preserve of these organizations, it can happen to file-sharing sites too. In November 2008 a hacker tried to gain control of Torrentz.com and at the beginning of June NowTorrents had its own problems.

Today we bring news of another sizable hack, this time affecting Italy’s most prominent BitTorrent site, TNT Village. A hacker targeted the 50,000 member site and made off with the site’s database.

The admin of TNT Village explains: “A son of a bitch was able to discover my password. With it in recent days he has removed the TNT database. I then proceeded to change my password but in the meantime he/they had taken some sensitive data to users, and yesterday they were made public.”

Indeed, a torrent of the stolen data has appeared on various BitTorrent indexes. The data contained within is largely in Italian but a source with an interest in security breaches told TorrentFreak that the archive contains very sensitive information.

The site’s database schema, the actual database with around 50,000 usernames, passwords and emails, a list of site donors and private messages have all been leaked.

The site has taken steps to limit the damage but concerned users should change their passwords immediately, at the very least.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

But how vulnerable is BitTorrent?

Nikitas Liogkas, Robert Nelson, Eddie Kohler, Lixia Zhang from the UCLA Computer Science Department, tested three ways to cheat BitTorrent.

1. Download only from seeds
2. Download from fastest peers
3. Advertise false pieces

They conclude from their research:

“BitTorrent appears quite robust against this kind of exploit: selfish peers can sometimes obtain more bandwidth, and honest peers’ download rates suffer slightly in consequence, but we
observe no considerable degradation of the system’s quality of service.”

Additionally they propose five mechanisms that they believe will contribute to BitTorrent’s robustness.

1. parallel downloading: maintain parallel interactions with multiple peers; enables adaptivity in dynamic conditions
2. client memory: the torrent client remembers where a piece comes from, and is able to punish cheating peers.
3. problem partitioning: decouple data needs from provided service; prevents manipulation by declaring false info
4. export minimal information: hide exploitable information, who’s a seed for example.
5. keep the network connected: random choice in optimistic unchoking prevents clustering and starvation

Link to the article for more info: pdf | html

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.