MediaDefender hacked, internal emails published

Share this article:
MediaDefender, an anti-piracy vendor often commissioned by movie studios and record companies, suffered a breach over the weekend when thieves stole thousands of internal emails.

The stolen emails, published through file-sharing protocol BitTorrent by a group called MediaDefender-Defenders, revealed that MediaDefender had created a website to entrap illegal uploaders.

According to the emails, MediaDefender placed a honeypot, MiiVii.com, that allowed people to upload and download copyrighted movies, television shows and music. But when visitors installed software associated with the site, the software could also surreptitiously track their activity and report to MediaDefender.

Media reports said that MediaDefender - owned by ARTISTdirect - intended to co-opt MiiVii users' computers and turn them into anti-piracy machines in an effort to cut off downloads of copyrighted content. These would distribute files that appeared to contain copyrighted material but in fact were empty.

MediaDefender-Defenders claimed responsibility for the breach.

"This is a highly charged political situation," Paul Ferguson, a network architect with anti-virus software developer Trend Micro, told SCMagazineUS.com. "[MediaDefender] has put itself in the position as a target – it has been accused of trying to poison BitTorrent traffic."

The break-in might well have been in retaliation for the Motion Picture Association of America's(MPAA) attempts to curb piracy, one of MediaDefender's clients, suggested Craig Schmugar, a threat research manager at McAfee's AVERT Labs.

"In court, the MPAA admitted to paying a hacker $15,000 to get emails belonging to an executive at [BitTorrent search engine] Torrentspy," Schmugar said. "There's speculation on who may have gone after the confidential emails...Clearly, a lot of people are unhappy with the actions of the MPAA, mostly around the practices and methods the MPAA has used to try and prevent pirating of materials."

Although MediaDefender hasn't explained how the breach occurred, Ferguson said "there are rumors suggesting they were hacked."

"[The leak] underscores the ongoing trend that people who deploy internet-facing systems, whether websites, email servers or databases, must make an ongoing, intelligent effort to ensure their systems remain patched, their software is up to date, and securely configured," he said.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Adobe exploit used to spread Dyre credential stealer

Adobe exploit used to spread Dyre credential stealer

Users running vulnerable Adobe software could be in danger of having credentials for Bitcoin websites stolen.

Staples is investigating a potential issue involving credit card data

Staples is investigating a potential issue involving credit ...

The company said it is investigating a potential issue involving credit card data and that customers are not responsible for fraudulent activity on cards if an issue is discovered.

Skills set a priority over legacy prejudices, experts say

Skills set a priority over legacy prejudices, experts ...

Cybersecurity expert Winn Schwartau and Robert Clark, a cyber law attorney at the Army Cyber Institute, discussed issues around hiring in the information security industry.