p2pnet exposing some of the illegal activities of the anti-piracy organizations.
Firstly, DarkStar Management is currently seeding trojans (as you can see from the entry below) to the BitTorrent world by the millions. But I’ll go into that in another article.
I was logging onto my favorite anonymity site (xxxx) when PeerGuardian2 blocked a site called DarkStar Management. Not finding anything inherently evil after several searches (Yahoo, Google, Ask.com), I “allowed 78.129.146.44 for 15 minutes” - BIG MISTAKE!. My computer immediately rebooted so I knew I was in “deep doo doo”.
After the reboot, I ran a program called Malwarebytes which showed (and deleted) 14 files infected with the ZLOB Trojan.
Wow why isn't DarkStar Management being investigated by the police or shutdown for releasing a trojan onto unsuspecting bittorrent users? If it was the other around and a hacker released it I'm sure there would some kind of investigation by the online police unit.
And MediaSentry is currrently using: (see link for whois lookups)
What’s interesting is lookups only worked for the USA Suavemente, mainly because the NETNIC requires your A-NAME record be accessible. The other countries, Uraguay and Germany, don’t call for this.
This meant when I backtraced to find out who owned that IP address, I was blocked by the MAFIAA firewall in the countries that don’t require the ISP to provide this ability.
But what really caught my eye is below: (see link for blocked MediaDefender IPs)
This tells me they tried UDP access to my IP address first.
UDP is more or less a handshake saying, Yes, I’m online using something Bittorrent can see. Blocking the UDP call is kind of an indirect answer saying ‘Yes, I have what you’re looking for, but No you can’t have it.’ This is ambiguous of content or packet, this is only a\handshake.’ (That’s the best it gets for non-techies out there, sorry).
Directly after the UDP block, MediaDefender tried to GET the file that UDP said I possessed, but couldn’t have.
This is an automated attempt, switching from a UDP request to a TCP request. This shows me, without a doubt, they’re running a Bittorrent client and probably using PeerGuardian to log IP addresses. It’s fairly simple to do.
I have access to the list of EVERY SINGLE IP address that downloaded content from my IP address using a Bittorrent client — albiet modified for safety, but not to the extent it affected the engineering of the experiment.
With this information, I could easily have done what the MAFIAA is doing —- send out infringement notices ad hoc.
So much for ’super secret squirrel’ technology.
p2pnetMediaSentry in Australia: Part V
