DDoS attacks are not an unusual event for many private BitTorrent trackers. Although they are sometimes used as an excuse for server issues, most of the larger trackers have been subject to such attacks at least once.
Norbits is one of these trackers, a medium sized community with over 10,000 members, most of them from Norway. Norbits has suffered downtime because of DDoS attacks before, but this time the threat may be more serious than that.
In an NFO file obtained by by IT-Avisen, a group called MORRADi takes responsibility for the attack on Norbits. “Once again we show our power! Once again we show your foolishness! This is not the first time we have done it, and it won’t be the last,” they write (translated).
“Enough is enough, you are becoming a real nuisance, and you are also a bunch of idiots that try to hide, so it’s high time we punish you! P2P is not something we want, when will you understand that? Do we have to take it as far as publishing your user database online?”
The message seems to suggest that “sceners” are behind the hack and the attacks, since they don’t want their releases shared on BitTorrent trackers. IT-Avisen journalist Trond Bie thinks this is plausible, as he told Dagbladet: “I know that there are people on the FTP scene that don’t like Norbits. It’s not improbable that such a group wanted to attack the servers. It’s happened before.” Whether the group actually has access to all the IPs, usernames and transfer logs of Norbits users remains unclear.
This would not be the first time that a private BitTorrent tracker has been hacked. Earlier this year the IP-addresses of seedboxes and of top-users on some of the larger private trackers leaked to BitTorrent. Nevertheless, this kind of information is useless to anti-piracy organizations, as it is impossible to verify whether it is legit or not.