On occasion, however, usually as a result of a court case, the veil is lifted and the general public is given a taste of the kind of subterfuge employed by those operating the servers behind The Scene, the so-called ‘Topsites’. A 2012 case in Finland provided one such intriguing example.

It involved a topsite known as Hayabusa / Rainbow (HBR / RBW), which was used by famous movie and TV show release groups including MEDiEVAL and DoNE. The topsite only had about 50 members and was reportedly kept running by just four individuals. How they did so was fascinating.

Three of the men, who worked for a pair of Finnish Internet service providers, were employed in positions that enabled them to not only run but hide the site. The site’s servers were installed by employees of Saunalahti, a company owned by Finnish ISP Elisa. The topsite itself was run from the IP address of a man from Helsinki, who worked for Elisa and had access to their fastest fiber connections.

Then the really clever bit. As employees of Elisa the topsite operators were able to modify the ISP’s network monitoring software in order to hide the existence of their topsite. Unfortunately, however, the police were already on their trail following claims that they had illegally distributed copies of movies including The Bourne Ultimatum, Spiderman 3 and Ratatouille. Despite receiving a timely tip-off, the operators were eventually arrested.

During a 2012 trial at the Espoon District Court the site operators stood trial for copyright infringement offenses. Three were handed suspended jail sentences ranging between four and six months and ordered to pay compensation. A fourth received a fine equivalent to 60 days pay.

That said, things could have been worse. Rightsholders had originally demanded 70,000 euros, so a compensation award of 1,000 euros against the soon-to-be-jailed operators was a relative drop in the ocean. However, the entertainment companies behind the action, headed by anti-piracy group CIAPC/TTVK, aired their dissatisfaction by taking the case to appeal.

This week the Helsinki Court of Appeal handed down its decision and it’s yet more bad news for the site operators. The court increased the amount awarded by the district court from 1,000 euros to 22,000 euros.

“The District Court had sentenced three operators to pay about 1000 euros as compensation for the right holders. The Court of Appeals regarded this as a remarkably low amount of compensation with regard to the specific features of the case,” CIAPC Deputy Director Jaana Pihkala informs TorrentFreak.

Although the amount was considered low, fortunately for the defendants the rightsholders’ claim for more than 72,000 euros was not accepted in its entirety.

“One of the facts that the Court took into consideration as lowering the amount of compensation was that the operators had limited possibilities to control how much the works were copied,” Jaana explains.

The Court of Appeal also said that the claim, which was based on items to be found in the physical domain (DVDs etc), did not directly relate to items which had been electronically created and distributed in the online world. Lower cost of production and distribution meant a lower damages award.

While overturning the District Court’s ruling on compensation, other issues relating to the original sentencing remained untouched as the prison sentences of the defendants were not appealed by the entertainment companies.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

The actual situation is nowhere near as bad as some would like to make out, but every now and again something happens to remind us that it is very possible for something nasty to slip through the net.

On February 12, 2013 a new warez group appeared calling themselves MeGaHeRTZ. Their first release was BurnAware Professional v6.0 plus a patch to remove the software’s protection. Over the months that followed the group released a lot of noteworthy products such as SmartFTP, DVDFab, FlashFXP, Incredimail, Traktor and hundreds more, each with the obligatory ‘freebie’ patch.

Tomorrow the group will have been operating for a full nine months and during that time their releases have spread to every corner of the Internet. However, far from merely wanting to do downloaders a favor, MeGaHeRTZ have been playing a little dirty.

Over the weekend a notice spread around the warez scene which detailed how one individual became alarmed by unusual firewall activity after he had installed, ironically, a MeGaHeRTZ release of Malwarebytes Anti-Malware Pro.

The problem reportedly came from patch that MeGaHeRTZ supplied with the release which attempted to send out traffic on port 25, a port commonly used to send email. The same individual who found the strange activity then ran the patch through a debugger and to his alarm found that it was harvesting information from the host machine.

The data being gathered from infected machines includes the username, computer name/drive serial obtained from the Windows API, and the host machine’s IP address. This information is then packaged up and sent off to any of three predetermined email addresses, all of which have account names containing some variation of the MeGaHeRTZ group name.

Further tests were carried out on several other MeGaHeRTZ releases and they were all found to carry similar mechanisms for pulling data from host machines and funneling it back to the release group.

Quite what MeGaHeRTZ intend to do with the data is unclear but it appears that as an active release group they are now finished, at least under their current identity. On Saturday the warez scene took action to ‘nuke’ every MeGaHeRTZ release, which means they won’t be allowed to release anymore.

Revealing malware in scene releases is a very unusual occurrence and malicious content is usually added at a later stage by third parties. Still, the damage has now been done. MeGaHeRTZ releases are now all over the Internet and there is nothing that anyone can do to get them back. Avoidance is the only solution now.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

Of course, when the Internet took off things changed massively. Free software became available to anyone willing to persevere, not just those with access to a private BBS. Applications for just about any purpose were uploaded to the Internet thick and fast and as a result manufacturers had to think even more about their copy protection mechanisms.

But while software houses were applying anti-piracy measures to their products, plenty of groups were at work stripping them out and sharing DRM-free versions with close friends and associates online. Inevitably though, so-called “cracked” software leaked out, meaning that pretty much everyone could gain access to zero cost software, often on the day of release – 0day as it’s known.

Created way back in 1999, one such group was LineZer0. More commonly known by the characters Lz0, the group has operated for an incredible 14 years and to say they have been prolific would be a massive understatement.

During that time Lz0 has delivered an incredible 30,000 software and games releases for desktop machines and handhelds (including iPhone and iPad), each designed to be enjoyed only by the reclusive ‘warez’ scene.

“We do not wish for our releases to be widely spread across web boards, P2P networks and the like. While we do know that occurs we strongly urge people to not share these titles at such places,” Lz0 stated in their releases. Few took any notice.

Typing the term ‘Lz0′ into any search engine or torrent site reveals endless streams of cracked software from hundreds of companies, for anyone to download and enjoy, for free. But for Lz0 and their countless fans, the final curtain came down prematurely yesterday.

Over the weekend someone in the warez scene released information that was obtained as part of a security breach against Lz0 in 2009. While assuring people that much of the data was related to closed sites and individuals who have since left the piracy scene, Lz0 felt it had no option other than to close down the group and retire completely.

“We’ve shared a long and fun road, and we’re sad that this is how it ends,” Lz0 said in a statement.

The group confirmed that the names Lz0 and Lz0PDA will be put completely to rest – no one will ever be able to genuinely use those tags again. Additionally, hundreds of software companies will be able to breathe a collective sigh of relief, at least until other groups take up the slack. But annoying companies was never LzO’s stated aim.

“Our releases are made to make sure that the end-user is able to fully test a title before going into a purchase as well as give the end-user an opportunity to make backup copies of titles he or she already owns,” the group said. “Please do respect our stance on this and make sure that you buy the required licenses upon deciding to buy the product. Respect the software authors that have put time, money and effort into creating the title you now have in your hand.”

Finally, for some the joy of cracked software was not the tools themselves, but the entertainment value of the additional items groups like Lz0 packaged with their releases. For many – piracy dramas aside – the kind of music and graphics illustrated below provided the most intoxicating mix.

Lz0: 1999-2013

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

‘Warez’ groups are made up of individuals with the shared interest of leaking the latest movies, music, TV shows, games and software onto the Internet. The collective term for these groups, their servers, and their infrastructure, is ‘The Scene’.

While most Scene members prefer to keep their sharing private and between themselves, others do not share the same philosophy. All it takes is for one ‘rogue’ member to take a release and upload it to The Pirate Bay and then the whole world gains access. This happens much of the time and makes Scene groups prime targets for law enforcement.

However, while The Pirate Bay is in the news every other week the relative obscurity of Scene groups means they rarely appear in the news. When they do it usually spells bad news – for the pirates at least.

This week four alleged operators of a Scene topsite called Hayabusa / Rainbow (HBR / RBW) are appearing before a Finnish court charged with copyright offenses. The individuals are described as IT professionals which is hardly a surprise, but perhaps of more interest is that three of them worked for a pair of Finnish Internet service providers. Their positions appear to have proven crucial to the site’s operations.

According to an investigation carried out by the police, the topsite servers of HBR / RBW were installed by employees of Saunalahti, a company owned by prominent Finnish ISP Elisa. Taking full advantage of Elisa’s position, it’s claimed that these servers were installed in Elisa’s machine room and connected to the Internet using the ISP’s super-fast fiber connection.

Then, to complete the stealth installation, it’s alleged that the defendants modified Elisa’s network monitoring software so that the IP addresses and traffic generated by the servers went unnoticed by the company.

Nevertheless, police investigations eventually led to Elisa and the company was asked to provide the identity of the people behind the server. But inside the ISP the news that the police were looking for the Hayabusa / Rainbow operators traveled fast.

After hearing of the investigation one of the defendants is said to have taken down the site and attempted to destroy evidence.

The hearing, which began on Monday, is set to conclude tomorrow.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

Of course, in January the cyberlocker market had a rude awakening in the form of the Megaupload raids, and ever since the release scene has been shuffling around and reorganizing. Several file-hosting sites decided to call it quits and with their demise many so-called indexing ‘release’ sites couldn’t find the strength to carry on.

Some, however, such as the hugely popular Rlslog.net, carried on regardless but in the last 24 hours perhaps the biggest indexing/release site casualty of 2012 has been announced.

OneDDL, a site that in one form or another has been around for the past seven years, has decided to call it quits. The announcement comes as quite a surprise, since only 24 hours ago the site was still posting popular US TV shows and movies. The fact that it did so regularly has not been lost on the studios.

The site has operated two domains (OneDDL.com and OneDDL.eu) since Google started logging rightsholder takedown requests against the site in May 2011. During that time Google has received 544 takedowns, of which 356 came from NBC Universal.

Although OneDDL have offered no concrete information, between the lines of their shutdown statement reads a familiar story.

“The legality of websites, such as ours, has always been a rather grey area. I had believed that this ambiguity would work to our advantage and originally, that is what lawyers told us (yes, we went to see lawyers),” says the site owner.

“Lately however, the landscape has changed, and it appears the grey is gradually becoming black and white, unfortunately not in our favour.”

OneDDL’s owner continues by stating that the site always operated within the law by responding to takedown requests from copyright holders, but that even that couldn’t save the site.

“For some people, this is simply not enough,” he adds.

When contacted by TorrentFreak, the site’s owner would not be drawn on the exact reasons for the shutdown. As usual though, the Internet rumor mill is churning with stories of the site being “under investigation” and threats from US entertainment companies and their UK proxies. We have been unable to confirm any of the claims.

What seems completely certain is that from a downloading perspective OneDDL is no more. That has saddened the site’s considerable userbase – Alexa has OneDDL ranked as the 4,419th most popular site in the world – but perhaps inevitably the main discussion point in the site’s goodbye statement has quickly turned from farewells into where to find OneDDL alternatives.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

The single charge relates to the pre-release of the Kanye West album, ‘Graduation’, which which according to the DoJ was uploaded to a private server in August 2007, one week before its official release. According to Scene records, it was in fact uploaded 11 days before.

Montejano had previously admitted that from 2002 to 2007 he was the leader of the warez release group OSC (oL-sKOOL-cLASSiCS), a group dedicated obtaining music and making it available to the Scene in advance of its commercial release.

According to court documents, Montejano maintained OSC’s server and also admitted to uploading music to servers operated by other warez groups.

Following the January 2007 break up of another famous release group known as RNS (Rabid Neurosis), Montejano is said to have utilized the group’s two former suppliers known as ‘adeg’ (Bennie Glover) and ‘StJames’ (James Anthony Dockery). Both were employed at a CD pressing plant that manufactured for Universal Music.

Rabid Neurosis had operated over a longer period – between 1999 and 2007 – and were responsible for dozens of major releases including Eminem’s ‘Encore’ and ‘How to Dismantle an Atomic Bomb’ by U2.

Following their arrests, Glover and Dockery pleaded guilty to conspiracy to commit willful copyright infringement. Both were sentenced on January 15th 2010 to three months in prison and two years of supervised release.

However, in March 2010 two other RNS members, Matthew Chow and alleged group leader Adil Cassim, were found not guilty on charges of conspiracy to commit copyright infringement.

Montejano’s sentencing is scheduled for July 25th where, like those before him in both groups, he faces a maximum penalty of five years in prison and a $250,000 fine.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

Early March, the Sumerian Records label decided to utilize an increasingly popular method of getting some free publicity for a band on their label, i.e tell everyone that their music has leaked to file-sharing networks and all concerned are very angry about it.

“Hey all you jobbers who like to steal our albums – word out on the ocean (pirates don’t use streets) is that the BOO [Born of Osiris] album has leaked.. perhaps the pirate ship will leak too and sink in to the sea. In any case, enjoy pirating the record and hopefully you guys choke on a cannonball. Happy torrenting you cowards!” label founder Ash Avildsen declared.

As it turns out, the entire tirade was a hoax designed to get people to download a copy of the album – but with the band chatting, farting and generally messing around over the top. Apparently the whole thing was quite funny, especially the Charlie Sheen samples. Welcome to music marketing 2011-style. And why not?

However, just a few days later Avildsen’s attitude towards file-sharing networks changed somewhat. In a YouTube video which began with the industry line that music piracy ‘robs’ the United States of 71,000 jobs and $12.5 billion in economic output, Avildsen asked people for just 3 minutes of their time to ‘open their minds’.

This was quickly followed up by the cover of the upcoming Born of Osiris album merging into a view, accompanied by a note that file-sharing is only good for unsigned bands to get publicity and established bands and labels only suffer at their hands. At around the 2 minute mark, Avildsen sank his teeth into torrent sites and their “corporate” advertisers.

“Let’s call a spade a spade – there’s nothing more pathetic than making a living off being a thief,” said Avildsen. His anti-piracy message was widely reported in the music media and you can see the full thing at the bottom of this article, but for something rather more eye-opening, read on.

“I used to run in the same circles as Sumerian Records founder, Ash Asvilden,” Jason Fisher of heavy metal music site The Gauntlet told TorrentFreak this morning.

They’re both in the music business, so perhaps nothing too surprising there? But rewind a few years and things get very interesting indeed. Fisher now admits he was a member of multiple warez groups – Amnesia, the mighty Razor 1911 and ROR (Release on Rampage).

“As I listened to Ash’s statement, it really bothered me when he states ‘there is nothing more pathetic than making a living off of being a thief.’ So as Ash puts it, let’s ‘call a spade a spade,’” Fisher explained.

“What Ash doesn’t tell you is that when he was in high school, we ran in the same circles…the software piracy/hacking circles.”

Surprisingly, Fisher and Asvilden had crossed paths with their shared connections to ROR (Release on Rampage).

Having existed in other forms, 1995 saw ROR transform into a games release group and was taken over by a new leader known as The Krazy Little Punk (TKLP). He and the group became infamous in warez circles for claiming to have pre-released the most-anticipated game of the time – Quake – the follow up to ID Software’s massive hit, Doom2.

However, when the dust settled it was discovered that the release was actually a repackaged beta version of the game. ROR was banned from the scene for their sins and TKLP was forced to start a new group called Reflux (more background here).

So with that history out of the way, how does that relate to Sumerian Records? Well, according to Jason Fisher, the leader of ROR (The Krazy Little Punk) is none other than Sumerian Records founder, Ash Asvilden.

“When I first heard Ash was starting Sumerian Records, I thought he was probably the one guy out there smart enough to change this lagging industry around. I was interested to see what new ideas for running a record label he would have. I thought surely if anyone could do it, it would be Ash, the dude is brilliant,” Fisher explains.

“But it turns out he is going to go down the same road that so many others have gone down and never recovered from. Let’s hope it isn’t too late. He is right, piracy is a huge problem in the music industry, I’d just like a little more disclosure coming from a guy who has cost software companies millions of dollars.

“He ended up getting busted for releasing the alpha source for some major ID software release,” Fisher told us, adding that he too had received “visits” from the FBI.

Whether these brushes with the law led to a Road to Damascus-style recovery for Asvilden remains to be seen. But let’s not forget, this was many years ago and a lot has altered since then. Times change, attitudes change. People get mortgages.

TorrentFreak contacted Sumerian Records for comment but at the time of publication we have received no response.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

Following a lengthy investigation by anti-piracy group Antipiratbyrån, during the last 48 hours Swedish police acted on their evidence and moved in on at least one ‘topsite’.

The site, which supposedly carried between 200 and 250 terabytes of media, was known as ‘Devil’. During the raids police seized a dozen servers and other computers and detained one person.

The individual, who is believed to have been handed over to Antipiratbyrån for questioning, is accused of being the operator of ‘Devil’. He is blamed for the distribution of “tens of thousands” of mainly Hollywood movies.

In what appeared to be a security response to news of the bust, other topsites started going down in Sweden and at least one other major European country.

Elements of two other topsites with links to ‘Devil’ known as Secu and Tomte (250 terabytes combined) have also been affected but so as not to compromise our sources, we will refrain from going into further detail as to why at this stage.

Suffice to say that some fairly important movie release groups (particularly Swedish ones) were connected to the sites and their activities will have been disrupted, at least temporarily.

Within the Scene the recriminations have begun, with fingers pointed at individuals and groups who are suspected of having caused the security lapse which led to the busts. Not unexpectedly, the accusations appear to be focused on Scene members who are also connected with P2P sharing groups, a frowned upon activity but one that is nevertheless widespread.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

Officers in 14 countries coordinated to carry out multiple searches in an attempt to inflict serious damage on the so-called Warez Scene, the shadowy network of Internet based servers and individuals who deal in large quantities of pirated music, movies and software.

Yesterday nearly all information had come from either the authorities, police or staff at datacenters, notably Sweden’s PRQ, but since then TorrentFreak sources with varying levels of inside information have been trying to put us in the picture.

So, keeping in mind that reporting on the Scene is a black art, that we’ve had to hold some information back to protect certain individuals and keep our sources happy, and redact here and there to protect others, here are our findings thus far.

“In pretty much all of the cases the police just walked into the datacenters, proceeded with warrants, more or less unplugged the boxes and left with them,” one source told us. “They knew very well exactly what they were looking for and this was a highly coordinated attack.”

While there were reports of individuals having been taken in for questioning yesterday, for an operation of this size those numbers seem unusually low. This is due to the operation targeting only ‘topsites’ – no specific release groups or their members appear to have been the focus of the action. It’s believed that some siteops weren’t so lucky.

We know that the raids were carried out at the behest of the Belgian authorities and two sources have told us that it is suspected that a Scene group in Belgium had been infiltrated a long time ago. Indeed, the authorities over there say that this operation had been two years in the making.

Another source is pointing the finger squarely at a siteop with poor security, but whatever the reasons, these sites are now in disarray.

As of last night, all the following Scene sites were down either because they were successfully targeted in the raids or as a precautionary measure. The first three are said to be very highly ranked and three of the top four were almost certainly busted.

1. BAR – Sweden.

2. LOST – Czech Republic

3. [name redacted] – major site in The Netherlands

4. SC – Sweden / Poland

5. Affiliated site in Eastern Europe believed safe, but down.

6. [porn section of a sitering, redacted] – Sweden

Based on the information we’re being provided with, certain sites probably survived due to the techniques they employed to thwart this kind of an attack. In other cases perhaps the police didn’t quite get it right. We can’t be more specific.

Sources inform TorrentFreak that Sweden’s BAR was one of the four most important 0day sites. Since it went down yesterday, another significant southern European site in that top four has announced it has closed its operations for good.

In respect of the Czech operation, Jan Podhajsky of the Czech Pirate Party told us that a raid was carried out on a dormitory at the Czech Technical University in Prague. This is not the first time police have carried out an operation in this location – Podhajsky told us that raids against hackers have been going on there since the late 90s.

It seems that the impact of this large, Europe-wide operation will be significant, at least for the near future.

“Many groups and especially server operators are once again scared shitless,” a source told us. “We can probably expect more ‘resignations’ in the following days.”

Update: We’ve received information which suggests that a topsite, possibly the main one in the UK, was busted yesterday. There are unconfirmed reports that another is also down, but that could be just as a precaution. Two Scene groups have been reported to us as badly affected by the topsite raids but until we can confirm, we won’t be naming them.

Anyone with further information can contact us in confidence via tips@torrentfreak.com

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

According to evidence presented at his May 2008 trial, Barry E. Gitarts, aka ‘Dextro’, operated and financed a server based in Texas which was used by aPC to store thousands of music files, movies, software and games. The New York resident was convicted of Conspiracy to Commit Criminal Copyright Infringement.

On Friday, Gitarts, aged 25, was sentenced in Alexandria federal court to 18 months in jail for his role in aPC.

Another ex-member of aPC, Jacob Stahler, aka Lunatik, was on the witness list at the May trial, and there has been speculation that he testified against Gitarts. Stahler himself was also convicted of Conspiracy to Commit Copyright Infringement, but was later sentenced to just 2 years probation.

So far there have been a total 15 criminal convictions of aPC members, including that of Mark Shumaker of Florida (aka ‘MarkAlso’), a previous leader of the group who already admitted criminal copyright infringement back in 2003.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.