ISP Secretly Copies BitTorrent Tracker Data

Home > Piracy >

Last month, the prominent Malaysian ISP "Shinjiru" had shut down several torrent sites, following pressure from the government. Strangely enough, after a few days of downtime some of the sites started to reappear, like nothing had happened. However, those sites who did not leave, are now being tapped.

Just when things seemed to cool down in Malaysia, we received a rather disturbing email from one of the sysops of The sysop told us that, after a few days of downtime, the server was suddenly up again. “After further inquiries with Shinjiru’s billing and abuse department we were assured that “the coast was clear,” he said.

This turned out to be a false sense of security though, as the sysop explained. “Two days ago we discovered that an external disk was suddenly mounted on our box (in a quite clumsy way, I might add) 24/7 support didn’t know shit about it, until 2 hours ago when a senior admin confirmed that this disk was attached by their legal department and out of their hands.”

The sysop discovered that there was something wrong, because the server load was extremely high. At first, the support department couldn’t really figure out what was wrong, but after a few messages back and forth, they got this worrying explanation.


After investigation on your server, we found that your server is involve with an abuse case on copyright/torrent. Your server was accessed by our local legal party for investigation. This is a sudden action by them, and we not informed earlier. Due to legal party we have no choice but to comply. Kindly contact to our abuse department for further information. Thank you.

Paul C.
Level 2 Support

So, it turns out that – without notification – Shinjiru started to copy data from the BitTorrent tracker for investigation, whatever that may be. It is unsure at this point whether the ISP will hand over the data to authorities, and whether they are doing it with other trackers, but it’s not looking good.

“This is important to get out as they are most probably doing this to every site they know about, and users are being recorded,” the sysop said. “We have destroyed the data on their USB connected disk, destroyed our site backups on it and truncated and deleted all tables, to ensure the protection of our users. As I have stated it was done with out warning nor consent.”

It looks like Shinjiru might have been pressured by the Malaysian government again. However, even then it is still a strange move to copy data from one of their clients, without notice. The sites that are still hosted there need to be aware of this, and take appropriate action. To be continued.

update: Shinjiru confirmed to TorrentFreak that there was indeed an external drive connected to the server, and that “authority on copyright infringement” attempted to copy the data.


Popular Posts
From 2 Years ago…