How Do You Hijack a Popular Streaming Movie Site? With Ease, Apparently

Home > All >

It's not unusual for file-sharing sites to undergo a change of leadership following momentous events, but just how easy is it to take control of one by force? Today TorrentFreak speaks with the admin of PrimeWire, the new name for LetMeWatch this and 1Channel, who has had an astonishing three domains hijacked from three separate registrars during the last two years.

hijackEarlier this week we published an article on the quite puzzling situation surrounding one of the world’s largest streaming movie sites.

In a nutshell, some time ago LetMeWatchThis changed its name to 1Channel. Then more recently it changed back again after the 1Channel domain was hijacked. After more shenanigans the site changed its domain to and then this week, reportedly changed to

After receiving lots of emails on the topic, mostly asking which is the real site, we have now unraveled the mystery. We can confirm that of the domains currently operating, and are ‘real’ and the others should all be disregarded as either dead or fake.

So what on earth has been going on?

On Friday, TorrentFreak managed to get in touch with the admin of the real sites who told us a quite astonishing story of how his domains were stolen from under his nose – not once, not twice, but an amazing three times.

It all started off a year ago when the site was operating from, a domain that was hijacked and now diverts to, a clone site presumably operated by the hijackers.

Then in May, after the site had moved to the replacement, that domain was also hijacked., yet another replacement, suffered the same fate. This week, the latest substitute domain, was hijacked too but is now back in safe hands.

So is poor security on the admin’s side to blame here or are there other factors at play? Apparently, domain name registrars are very easy to fool if you know how.

“The state of domain registrars is simply terrible,” the PrimeWire admin explains.

“We have had three domains hijacked from three separate registrars in the past two years. Every single registrar was given very specific instructions to prevent these hijackings, however every single one simply handed over the domain based on badly doctored ‘proof’, completely disregarding the warning given to them in regards to scenarios exactly like this.”

So how exactly are the registrars being convinced to hand over domains to impostors?

“This is actually a scary thing, since you can pretty much gain control (at least temporarily) of any domain you choose by pretending to be the owner of the domain,” our admin reveals.

“You don’t have to have access to any emails, passwords, or any other credentials. You simply grab the information from the WHOIS, write a letter with an attached photo-shopped ID with the same name, send it from a random email address, and the domain will be handed to you fairly quickly.”

So what can be done to avoid having your domain taken?

“Domains with no WHOIS at all (.to .so, etc) or protected WHOIS would probably do the trick, however after seeing how registrars just hand over domains without warning to random people, I wouldn’t bet on this 100% either,” the admin says.

“I think the best thing to do is build a strong community on the site, which cannot be stolen, and they will always keep the site alive no matter how many name changes it goes though,” he concludes.

So finally, the wrap up users of the sites have been waiting for: – Hijacked in 2012, still hijacked – AVOID – Hijacked in 2013, now retrieved – BACK IN SAFE HANDS – Hijacked in 2013, now frozen – FROZEN – Owned by hijackers – AVOID – Hijacked in 2013, now retrieved – BACK IN SAFE HANDS (Official site)


Popular Posts
From 2 Years ago…