MediaDefender hacked, internal emails published

Share this article:
MediaDefender, an anti-piracy vendor often commissioned by movie studios and record companies, suffered a breach over the weekend when thieves stole thousands of internal emails.

The stolen emails, published through file-sharing protocol BitTorrent by a group called MediaDefender-Defenders, revealed that MediaDefender had created a website to entrap illegal uploaders.

According to the emails, MediaDefender placed a honeypot, MiiVii.com, that allowed people to upload and download copyrighted movies, television shows and music. But when visitors installed software associated with the site, the software could also surreptitiously track their activity and report to MediaDefender.

Media reports said that MediaDefender - owned by ARTISTdirect - intended to co-opt MiiVii users' computers and turn them into anti-piracy machines in an effort to cut off downloads of copyrighted content. These would distribute files that appeared to contain copyrighted material but in fact were empty.

MediaDefender-Defenders claimed responsibility for the breach.

"This is a highly charged political situation," Paul Ferguson, a network architect with anti-virus software developer Trend Micro, told SCMagazineUS.com. "[MediaDefender] has put itself in the position as a target – it has been accused of trying to poison BitTorrent traffic."

The break-in might well have been in retaliation for the Motion Picture Association of America's(MPAA) attempts to curb piracy, one of MediaDefender's clients, suggested Craig Schmugar, a threat research manager at McAfee's AVERT Labs.

"In court, the MPAA admitted to paying a hacker $15,000 to get emails belonging to an executive at [BitTorrent search engine] Torrentspy," Schmugar said. "There's speculation on who may have gone after the confidential emails...Clearly, a lot of people are unhappy with the actions of the MPAA, mostly around the practices and methods the MPAA has used to try and prevent pirating of materials."

Although MediaDefender hasn't explained how the breach occurred, Ferguson said "there are rumors suggesting they were hacked."

"[The leak] underscores the ongoing trend that people who deploy internet-facing systems, whether websites, email servers or databases, must make an ongoing, intelligent effort to ensure their systems remain patched, their software is up to date, and securely configured," he said.
Share this article:

Sign up to our newsletters

More in News

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.

Report: DDoS up in Q4 2013, vulnerability scanners leveraged to exploit sites

Report: DDoS up in Q4 2013, vulnerability scanners ...

Researchers observed 346 DDoS attacks in the final quarter of 2013 and attackers used Vega and Skipfish vulnerability scanners to exploit web flaws at financial companies.