The Biggest Ever BitTorrent Leak: MediaDefender Internal Emails Go Public
Written by Enigmax & Ernesto on September 15, 2007
When TorrentFreak reported that Media Defender (MD) was behind the video site MiiVi, they cast doubt on us. Now, in what is surely the biggest BitTorrent leak ever, nearly 700mb of MD’s emails have gone public. When MD’s Randy Saaf found out we rumbled MiiVi he said, “This is really foobard.” This is too, but much more so.
When we reported in July that an Anti-Piracy Gang Launches their own Video Download Site to Trap People and that the company was called Media Defender and, as anyone who aims to be a credible news resource would, we checked and double checked our sources. We said, with some confidence:
Media Defender, a notorious anti piracy gang working for the MPAA, RIAA and several independent media production companies, just launched their very own video upload service called “miivi.com”. The sole purpose of the site is to trap people into uploading copyrighted material, and bust them for doing so.
However, in comments made to Ars technica, Media Defender’s Randy Saaf chose to rubbish our claims, calling it an ‘accidentally un-secured internal project’.
From the emails we cannot be sure that it’s an entrapment site or that it is related to the MPAA (perhaps it’s a legit a P2P video client?), but it does look suspicious.
Unfortunately for Media Defender - a company dedicated to mitigating the effects of internet leaks - they can do nothing about being the subject of the biggest BitTorrent leak of all time. Over 700mb of their own internal emails, dating back over 6 months have been leaked to the internet in what will be a devastating blow to the company. Many are very recent, having September 2007 dates and the majority involve the most senior people in the company. Apparently this is not the first time that a MediaDefender email leaked onto the Internet.
According to the .nfo file posted with the Mbox file the emails were obtained by a group called “MediaDefender-Defenders”. It states: “By releasing these emails we hope to secure the privacy and personal integrity of all peer-to-peer users. The emails contains information about the various tactics and technical solutions for tracking p2p users, and disrupt p2p services,” and “A special thanks to Jay Maris, for circumventing there entire email-security by forwarding all your emails to your gmail account”
Note: The mbox formatted file is circulating publicly on BitTorrent, completely unedited. However, for publication here we have removed the username and password logins for Media Defender’s servers, and replaced them with asterisks and avoided publishing emails of a personal nature, e.g pay negotiations etc. We believe that the emails are the real deal and all the info posted here serves the public interest.
At first we couldn’t believe that it was real, but after we scanned through the e-mails it became clear that it was indeed the real deal. Hundreds of IPs and logins to their servers, lists of their decoy/entrapment trackers, decoy strategies, the effectiveness of their fake torrents (in many cases with a breakdown of success, title specific), high and low priority sites, .torrent watchlists, information on their monitoring of competitors, pictures of their weekend trips and even the anti-piracy strategy for dealing with The Simpsons Movie leak:
# REMINDER: “The Simpson’s Movie” premieres this Friday (to Torrents).
* Decoy files are available in torrents MDfile server.
* Use Public Trackers for pre-Leak releases.
* Create two new trackers for this project.
o Ebert to inform Torrents of these new machines.
* Send a list of 5 release names from each torrent team member to Ebert.
* REMEMBER to input torrent file into interdiction if a real Leak is available this weekend.
It’s impossible to sum up all the juicy details in one post as the amount of information is staggering, so as much as we’d like to tell you about the custom Media Defender software (called ProxyMaster) included in the leak, we’ll focus mainly on the MiiVi case.
Let’s start off with their response to our story about MiiVi.com.
From: Ben Grodsky
Sent: Tue 03-Jul-07 20:19
To: MIIVI; Randy Saaf; Octavio Herrera; Steve Lyons
Subject: MiiVi got Dugg
Looks like the domain transfer has screwed us over:
http://torrentfreak.com/anti-piracy-gang-launches-their-own
-video-download-site-to-trap-people/
http://digg.com/users/AcePup/news/dugg
-Ben
And the response from Randy Saaf himself.
This is really foobard.
Let’s pull miivi offline.
Apparently our reports about MiiVi made them really paranoid. They are worried that reporters will apply for jobs just to find out more about their secret project.
read the complete article online here:
http://torrentfreak.com/mediadefender-emails-leaked-070915/
Sabu
Best news for a long time lol..
If you look in the comments, you'll see a list of (may be new) MediaDefender IPs. I suggest you go add them to the latest blocklists.
QUOTE (beesasap @ Sep 15 2007, 08:45 PM) 
If you look in the comments, you'll see a list of (may be new) MediaDefender IPs. I suggest you go add them to the latest blocklists.
Hey,
I just looked at that list, and there was no new entry we could add to our blocklist in em.
So, all those IPs that are posted there we had allready blocked and all of em for quite some time now.
HvT
ok thanks for the suggestion 
haha... This is definitely some great news. And so is this...
Pay us $8M, Santangelos tell AOL, Kazaa
p2pnet news | RIAA News:- Michelle Santangelo and her brother Robert, victims of Warner Music, EMI, Vivendi Universal and Sony BMG’s RIAA, sue ‘em all campaign, say Sharman Networks, based in Australia, and Time Warner’s AOL together owe them almost $8 million, plus legal fees and expenses.
The Santangelos and their lawyer, Jordan Glass, recently initiated a third party action against: Sharman Networks, owners of Kazaa, the seriously discredited P2P file sharing software implicated in most RIAA cases; former family friend Matthew Seckler; and, AOL.
An attack like this, believed to be the first of its kind in these anti-P2P cases, is the last thing the RIAA (Recording Industry Association of America), fronting the lawsuits, wants or needs.
It’s just been presented with its most dangerous threat to date which may force it to abandon its Making Available weapon under which it claims merely having a copyrighted file in a document is enough to warrant an infringement action.
The Big 4 and their RIAA prefer targets to simply cave and pay extortion amounts in the hope they’ll thus avoid been named in court cases.
The tactic has to an extent been successful with university students across America who are being intimidated into paying upwards of $3,000 in so-called ‘pre-settlement’ fees, with many of the universities themselves acting as corporate copyright cops.
Michelle and Robert, meanwhile, recently submitted an application to include Sharman Networks, owners of the Kazaa P2P application, and AOL as third party defendants.
The RIAA tried to have the application quashed and now, in a revised third party complaint, the brother and sister are seeking leave to sue Sharman and AOL for $3,966,000 each, and Matthew Seckler who, says the complaint, loaded Kazaa onto the Santangelo’s computer, $1.
Stay tuned.
Pay us $8M, Santangelos tell AOL, Kazaa
p2pnet news | RIAA News:- Michelle Santangelo and her brother Robert, victims of Warner Music, EMI, Vivendi Universal and Sony BMG’s RIAA, sue ‘em all campaign, say Sharman Networks, based in Australia, and Time Warner’s AOL together owe them almost $8 million, plus legal fees and expenses.
The Santangelos and their lawyer, Jordan Glass, recently initiated a third party action against: Sharman Networks, owners of Kazaa, the seriously discredited P2P file sharing software implicated in most RIAA cases; former family friend Matthew Seckler; and, AOL.
An attack like this, believed to be the first of its kind in these anti-P2P cases, is the last thing the RIAA (Recording Industry Association of America), fronting the lawsuits, wants or needs.
It’s just been presented with its most dangerous threat to date which may force it to abandon its Making Available weapon under which it claims merely having a copyrighted file in a document is enough to warrant an infringement action.
The Big 4 and their RIAA prefer targets to simply cave and pay extortion amounts in the hope they’ll thus avoid been named in court cases.
The tactic has to an extent been successful with university students across America who are being intimidated into paying upwards of $3,000 in so-called ‘pre-settlement’ fees, with many of the universities themselves acting as corporate copyright cops.
Michelle and Robert, meanwhile, recently submitted an application to include Sharman Networks, owners of the Kazaa P2P application, and AOL as third party defendants.
The RIAA tried to have the application quashed and now, in a revised third party complaint, the brother and sister are seeking leave to sue Sharman and AOL for $3,966,000 each, and Matthew Seckler who, says the complaint, loaded Kazaa onto the Santangelo’s computer, $1.
Stay tuned.
this is also very interesting
MediaDefender leaks phone calls as well:
http://digg.com/offbeat_news/MediaDefender...e_calls_as_well
lol,
Sabu
MediaDefender leaks phone calls as well:
http://digg.com/offbeat_news/MediaDefender...e_calls_as_well
lol,
Sabu
Demnoid Link:
http://www.demonoid.com/files/details/1350500/2052641/
ThePirateBay
http://thepiratebay.org/search/mediadefender/0/3/0
I've indexed and searched throughout a lot of these emails. They do not contain a weath of ip addresses. But the inside information and 'tatics' revealed if you will will bring a wealth of knowledge to any of us who do IP research.
This container is loaded with information and gives a perspective into the brand enforcement industry that is going to help us continue this battle.
p2p 1
antip2p -2
Matthew Chambers
http://www.infostruction.com
Read my blog on anti-p2p for the average internet user:
http://blog.myspace.com/index.cfm?fuseacti...logID=288752750
http://www.demonoid.com/files/details/1350500/2052641/
ThePirateBay
http://thepiratebay.org/search/mediadefender/0/3/0
I've indexed and searched throughout a lot of these emails. They do not contain a weath of ip addresses. But the inside information and 'tatics' revealed if you will will bring a wealth of knowledge to any of us who do IP research.
This container is loaded with information and gives a perspective into the brand enforcement industry that is going to help us continue this battle.
p2p 1
antip2p -2
Matthew Chambers
http://www.infostruction.com
Read my blog on anti-p2p for the average internet user:
http://blog.myspace.com/index.cfm?fuseacti...logID=288752750
update NEW LEAK
"The MediaDefender-Defenders have released the source code for the “trapping” and decoy software that MediaDefender uses to spread fake files on P2P networks."
http://torrentfreak.com/mediadefender-anti...-leaked-070920/
the link to the torrent on h33t:
http://www.h33t.com/details.php?id=b14f95a...91df42eb85eabb8
interesting because now the p2p networks have a professional analysis of their network vulnerabilities. priceless
EDIT: i just stopped by to check the blocklists were updated with the latest leaks, but it seems you guys are ahead of the pack, thanks and kudos
"The MediaDefender-Defenders have released the source code for the “trapping” and decoy software that MediaDefender uses to spread fake files on P2P networks."
http://torrentfreak.com/mediadefender-anti...-leaked-070920/
the link to the torrent on h33t:
http://www.h33t.com/details.php?id=b14f95a...91df42eb85eabb8
interesting because now the p2p networks have a professional analysis of their network vulnerabilities. priceless
EDIT: i just stopped by to check the blocklists were updated with the latest leaks, but it seems you guys are ahead of the pack, thanks and kudos
wow, redpriest + locutius thanks for the links
some more links:
http://www.slyck.com/forums/viewtopic.php?...a7070624b623336
http://suprbay.org/showthread.php?t=2468
http://www.wired.com/politics/security/new...9/mediadefender
http://www.zeropaid.com/news/9005/MediaDef...27Protection%27
http://forum.emule-project.net/index.php?showtopic=128758
http://thepiratebay.org/blog/85
http://axtmag.com/2007/09/16/mediadefender...t-2-phonecalls/
http://axtmag.com/2007/09/17/mediadefender...ed-mail-part-3/
http://axtmag.com/2007/09/20/mediadefender...ilities-leaked/
Sabu
some more links:
http://www.slyck.com/forums/viewtopic.php?...a7070624b623336
http://suprbay.org/showthread.php?t=2468
http://www.wired.com/politics/security/new...9/mediadefender
http://www.zeropaid.com/news/9005/MediaDef...27Protection%27
http://forum.emule-project.net/index.php?showtopic=128758
http://thepiratebay.org/blog/85
http://axtmag.com/2007/09/16/mediadefender...t-2-phonecalls/
http://axtmag.com/2007/09/17/mediadefender...ed-mail-part-3/
http://axtmag.com/2007/09/20/mediadefender...ilities-leaked/
Sabu
TPB files charges against media companies
Thanks to the email-leakage from MediaDefender-Defenders we now have proof of the things we've been suspecting for a long time; the big record and movie labels are paying professional hackers, saboteurs and ddosers to destroy our trackers.
While browsing through the email we identified the companies that are also active in Sweden and we have tonight reported these incidents to the police. The charges are infrastructural sabotage, denial of service attacks, hacking and spamming, all of these on a commercial level.
The companies that are being reported are the following:
* Twentieth Century Fox, Sweden AB
* Emi Music Sweden AB
* Universal Music Group Sweden AB
* Universal Pictures Nordic AB
* Paramount Home Entertainment (Sweden) AB
* Atari Nordic AB
* Activision Nordic Filial Till Activision (Uk) Ltd
* Ubisoft Sweden AB
* Sony Bmg Music Entertainment (Sweden) AB
* Sony Pictures Home Entertainment Nordic AB
Stay tuned for updates.
Posted 09-21 21:50 von bkp
link:
http://thepiratebay.org/blog/86
also mentioned here!
http://digg.com/tech_news/ThePirateBay_org...edia_companies/
Sabu
Thanks to the email-leakage from MediaDefender-Defenders we now have proof of the things we've been suspecting for a long time; the big record and movie labels are paying professional hackers, saboteurs and ddosers to destroy our trackers.
While browsing through the email we identified the companies that are also active in Sweden and we have tonight reported these incidents to the police. The charges are infrastructural sabotage, denial of service attacks, hacking and spamming, all of these on a commercial level.
The companies that are being reported are the following:
* Twentieth Century Fox, Sweden AB
* Emi Music Sweden AB
* Universal Music Group Sweden AB
* Universal Pictures Nordic AB
* Paramount Home Entertainment (Sweden) AB
* Atari Nordic AB
* Activision Nordic Filial Till Activision (Uk) Ltd
* Ubisoft Sweden AB
* Sony Bmg Music Entertainment (Sweden) AB
* Sony Pictures Home Entertainment Nordic AB
Stay tuned for updates.
Posted 09-21 21:50 von bkp
link:
http://thepiratebay.org/blog/86
also mentioned here!
http://digg.com/tech_news/ThePirateBay_org...edia_companies/
Sabu
MediaDefender's Trade Secrets and Confidential Information:
http://www.chillingeffects.org/tradesecret...?NoticeID=15254
MediaDefender’s Decoy Effectiveness on BitTorrent Sites:
http://torrentfreak.com/mediadefender-deco...t-sites-070922/
Sabu
http://www.chillingeffects.org/tradesecret...?NoticeID=15254
MediaDefender’s Decoy Effectiveness on BitTorrent Sites:
http://torrentfreak.com/mediadefender-deco...t-sites-070922/
Sabu
Since GPIO.org is in Norway, does MD actually hope to do anything to them?
QUOTE
Since GPIO.org is in Norway, does MD actually hope to do anything to them?
There are links to the letters on the mediadefender-defenders.com main page.
He gave a humorous reply to the attorney regarding that.
They talk about utorrent a little bit in those e-mails too.. as to whether 'interdiction' still worked.
Not surprisingly, they take great pride in what they do.
The Pirate Bay Details Charges Against Media Companies
Written by Ernesto on September 26, 2007
Last week, The Pirate Bay announced that it filed charges against against some of the key players in the entertainment industry for corrupting and sabotaging their BitTorrent tracker. We asked Brokep, one of The Pirate Bay founders to give us some more background information on this counterattack that will, once again, embarrass the entertainment industry.
The Pirate Bay filed charges against 10 major media companies, including Paramount Home Entertainment, Twentieth Century Fox and Universal Music Group. Fighting fire with fire some would say, but what’s really motivating them to take on these companies?
TorrentFreak: What is the main reason why you decided to file charges?
Brokep: To make the big companies aware about their own wrong doings. They are huge corporations where I’m sure a lot of different people decide. I don’t want that to be an excuse, I want them to take their crappy methods and stop their wrong-doing. They are going around accusing the pirate community for doing immoral stuff, when they do illegal stuff. We need to make a statement that just because something might be hard to fight it doesn’t mean that laws do not imply in the case.
TorrentFreak: In your blog post you said that the MediaDefender leaks started all this. Have you contacted MediaDefender about this suing of their clients?
Brokep: Yes. I talked to Randy Saaf, he sounded like a nice guy but he didn’t want to talk about it. He basically said “you do what you have to do” and honestly - if it were my clients, I would be a bit more eager to not get them in trouble.
TorrentFreak: What’s the legal status of the leaked emails, can they be used in the lawsuit as evidence?
Brokep: Yes. We have something called “fri bevisprövning” in Sweden which means that evidence, no matter how they’re obtained, can be used.
TorrentFreak: Do you have any other evidence against the media companies?
Brokep: Yes, stuff like our own logs of the connections from MD and such.
TorrentFreak: Have you heard anything from the companies you pressed charges against?
Brokep: No. We tried having a debate in national swedish radio but they refused to talk to us. They sent a note using IFPI saying “we will not talk about unserious claims like this”. It’s a twist of irony. They do illegal stuff and it’s unserious claims, we do stuff they consider immoral and they force the police to help them out. How’s that for democracy…
TorrentFreak: What message do you want to send out to the movie and music studios and anti-piracy companies like MediaDefender,and what else do you hope to accomplish by pressing charges?
Brokep: That you can’t fight file sharing. You have to join it, embrace it and adopt to it. It’s the only way, like it or not. It’s not going away, it’s grows every day and it’s for a good reason - the people want it. And the people are their customers, why fight them? Listen to them.
TorrentFreak: Thanks Brokep, and good luck of course!
link:
http://torrentfreak.com/the-piratebay-deta...charges-070926/
Sabu
Written by Ernesto on September 26, 2007
Last week, The Pirate Bay announced that it filed charges against against some of the key players in the entertainment industry for corrupting and sabotaging their BitTorrent tracker. We asked Brokep, one of The Pirate Bay founders to give us some more background information on this counterattack that will, once again, embarrass the entertainment industry.
The Pirate Bay filed charges against 10 major media companies, including Paramount Home Entertainment, Twentieth Century Fox and Universal Music Group. Fighting fire with fire some would say, but what’s really motivating them to take on these companies?
TorrentFreak: What is the main reason why you decided to file charges?
Brokep: To make the big companies aware about their own wrong doings. They are huge corporations where I’m sure a lot of different people decide. I don’t want that to be an excuse, I want them to take their crappy methods and stop their wrong-doing. They are going around accusing the pirate community for doing immoral stuff, when they do illegal stuff. We need to make a statement that just because something might be hard to fight it doesn’t mean that laws do not imply in the case.
TorrentFreak: In your blog post you said that the MediaDefender leaks started all this. Have you contacted MediaDefender about this suing of their clients?
Brokep: Yes. I talked to Randy Saaf, he sounded like a nice guy but he didn’t want to talk about it. He basically said “you do what you have to do” and honestly - if it were my clients, I would be a bit more eager to not get them in trouble.
TorrentFreak: What’s the legal status of the leaked emails, can they be used in the lawsuit as evidence?
Brokep: Yes. We have something called “fri bevisprövning” in Sweden which means that evidence, no matter how they’re obtained, can be used.
TorrentFreak: Do you have any other evidence against the media companies?
Brokep: Yes, stuff like our own logs of the connections from MD and such.
TorrentFreak: Have you heard anything from the companies you pressed charges against?
Brokep: No. We tried having a debate in national swedish radio but they refused to talk to us. They sent a note using IFPI saying “we will not talk about unserious claims like this”. It’s a twist of irony. They do illegal stuff and it’s unserious claims, we do stuff they consider immoral and they force the police to help them out. How’s that for democracy…
TorrentFreak: What message do you want to send out to the movie and music studios and anti-piracy companies like MediaDefender,and what else do you hope to accomplish by pressing charges?
Brokep: That you can’t fight file sharing. You have to join it, embrace it and adopt to it. It’s the only way, like it or not. It’s not going away, it’s grows every day and it’s for a good reason - the people want it. And the people are their customers, why fight them? Listen to them.
TorrentFreak: Thanks Brokep, and good luck of course!
link:
http://torrentfreak.com/the-piratebay-deta...charges-070926/
Sabu
Is it just me, or have the fakes on gnutella completely vanished since Monday?
Mediadefender hack costs company 825,000 USD
11/20 2007 | 11:19 AM
Posted by: Janko Roettgers
Those 6000 Mediadefender emails that leaked onto the web in September cost the anti-piracy outlet dearly: A recent SEC filing of Mediadefender parent ArtistDirect reveals that the company lost at least 825,000 dollars due to the hack - enough money to eat up all of ArtistDirect's profits for the third quarter. The biggest chunk of the money was apparently spent to keep Mediadefender's clients on board.
A hacker group that called itself Mediadefender-Defenders managed to get hold of a vast email archive in September that contained nine months of internal correspondence. It looks like the hackers were able to hack into one of the employee's GMail account. The SEC filing shows how serious the breach was:
"These e-mails contained confidential information and communications covering a wide variety of internal issues, including personal data, customer data and pricing information, and other sensitive information."
Part of the "other sensitive information" were also passwords that seem to have given them access data for various servers. The source code of some of Mediadefender's anti-piracy software and a transcript of a phone call appeared online soon after.
The SEC filing also details why this breach was so expensive:
"As a result of this development, MediaDefender recorded approximately $600,000 for service credits to customers, which were recorded as a reduction to revenues during the three months ended September 30, 2007. This amount was determined based on various factors, including discussions with customers, and is subject to adjustment in future periods based on additional information. MediaDefender also recorded approximately $225,000 of legal, consulting and other direct costs related to the breach during the three months ended September 30, 2007."
600,000 dollars in service credits sounds a lot for a breach that essentially was based on hacking a GMail account - unless a company just has a handful of clients that need to be kept happy at any cost. The SEC filing shows that Mediadefender is generating 66 percent of its revenue with just four clients, and it was apparently willing to sacrifice this quarter's earnings to save these relationships. Artistdirect registered a net loss of 183,000 dollars for the quarter ending September 30th, compared to a net income of 839,000 dollars for the same quarter last year.
But at least everything is under control now - at least if we can believe the company's SEC filing:
"An internal investigation of this matter is continuing, as a result of which the Company has revised various procedures and policies and enhanced its online and Internet security protocols."
link:
http://www.p2p-blog.com/item-418.html
related information below
http://www.irconnect.com/mc/irc/secfilings...2&type=HTML
Sabu
11/20 2007 | 11:19 AM
Posted by: Janko Roettgers
Those 6000 Mediadefender emails that leaked onto the web in September cost the anti-piracy outlet dearly: A recent SEC filing of Mediadefender parent ArtistDirect reveals that the company lost at least 825,000 dollars due to the hack - enough money to eat up all of ArtistDirect's profits for the third quarter. The biggest chunk of the money was apparently spent to keep Mediadefender's clients on board.
A hacker group that called itself Mediadefender-Defenders managed to get hold of a vast email archive in September that contained nine months of internal correspondence. It looks like the hackers were able to hack into one of the employee's GMail account. The SEC filing shows how serious the breach was:
"These e-mails contained confidential information and communications covering a wide variety of internal issues, including personal data, customer data and pricing information, and other sensitive information."
Part of the "other sensitive information" were also passwords that seem to have given them access data for various servers. The source code of some of Mediadefender's anti-piracy software and a transcript of a phone call appeared online soon after.
The SEC filing also details why this breach was so expensive:
"As a result of this development, MediaDefender recorded approximately $600,000 for service credits to customers, which were recorded as a reduction to revenues during the three months ended September 30, 2007. This amount was determined based on various factors, including discussions with customers, and is subject to adjustment in future periods based on additional information. MediaDefender also recorded approximately $225,000 of legal, consulting and other direct costs related to the breach during the three months ended September 30, 2007."
600,000 dollars in service credits sounds a lot for a breach that essentially was based on hacking a GMail account - unless a company just has a handful of clients that need to be kept happy at any cost. The SEC filing shows that Mediadefender is generating 66 percent of its revenue with just four clients, and it was apparently willing to sacrifice this quarter's earnings to save these relationships. Artistdirect registered a net loss of 183,000 dollars for the quarter ending September 30th, compared to a net income of 839,000 dollars for the same quarter last year.
But at least everything is under control now - at least if we can believe the company's SEC filing:
"An internal investigation of this matter is continuing, as a result of which the Company has revised various procedures and policies and enhanced its online and Internet security protocols."
link:
http://www.p2p-blog.com/item-418.html
related information below
http://www.irconnect.com/mc/irc/secfilings...2&type=HTML
Sabu
read the Interview of the MediaDefender Hacker online!
The Pirates Can't Be Stopped:
http://www.portfolio.com/news-markets/nati...s-Profile#page1
Sabu
The Pirates Can't Be Stopped:
http://www.portfolio.com/news-markets/nati...s-Profile#page1
Sabu
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.