FBI Takes Control of Russian Botnet

The FBI took control of a massive botnet believed to have been run by hackers working for the Kremlin. The malware, known as VPNFilter, was found by researchers working at Cisco Talos. VPNFilter allows hackers to hijack routers, turning them into a malicious VPN network that they use to mask their actual IP addresses during subsequent attacks.

According to a report released on 23 May, the payload has been in the wild since 2016 at the very least. It is suspected to have infected around 500,000 machines covering 54 countries. Talos stated that the intricacy of the modular malware system likely means it was a state-sponsored attack.

FBI agents have stated that the threat actor is probably Sofacy, a hacking collective run by the Kremlin that has been notorious under a multitude of names over the past five years, such as APT28, Sednit, Fancy Bears, Pawn Storm, Grizzly Steppe, STRONTIUM, and Tsar Team.

Affidavit Excerpt:

“The Sofacy group is a cyber-espionage group believed to have originated from Russia. Likely operating since 2007, the group is known to typically target government, military, security organizations, and other targets of intelligence value.”

VPNFilter uses a multi-stage attack vector similar to other router-based exploits. Once it accesses a victim’s router, it communicates with a Command and Control (CnC) server to download additional payloads.

The secondary stage of the exploit allows the hackers to intercept traffic, steal data, collect files, and execute commands. There is also the possibility that additional payloads may have been delivered, infecting network devices attached to the router.

FBI Takes Control

After months of monitoring the situation, security researchers working with the FBI were successful in pinpointing the domain name used by the advanced hackers.

An affidavit filed on 23 May revealed that agents had been on the case since August, when a Pittsburgh resident willingly gave them access to an infected router.

When news of the infection became public, the FBI acted swiftly to get a warrant from a Pennsylvania judge to take control of the toKnowAll.com domain.

With the CnC domain under FBI control, consumers around the world have been asked to reboot their devices so that they phone home. This will give the feds a clear view of exactly how many devices were affected around the world. The FBI stated that it intends to make a list of all infected IP addresses in order to contact ISPs and private and public sector partners to clean up after the global infection, before a new malicious CnC server is set up to reestablish the botnet.



BREIN Compels Pirate IPTV Sellers To Sign Abstention Agreement

Earlier in the month, Dutch anti-piracy firm BREIN won a court ruling against Leaper Beheer BV, which sold access to IPTV connections providing live TV, movies, and TV shows. Leaper and two other companies have now signed an abstention agreement with BREIN, under which they must refrain from copyright-infringing activities or face penalties of 10,000 euros per infringement.

BREIN’s complaint filed at the Limburg District Court in Maastricht stated that Leaper sold access to unlicensed live TV streams and on-demand movies. Approximately 4,000 live channels and 1,000 movies were included in the bundle, which was handed out to customers in the form of a .M3U playlist.

In a detailed verdict, the Court sided with BREIN, stating that Leaper communicated works to a new audience which is a breach even though it wasn’t previously when the content’s owners initially authorized their work to be distributed to the public.

The Court ordered Leaper to stop giving access to the unlicensed streams or face penalties of 5,000 euros per IPTV subscription sold, link offered, or days exceeded, to a maximum of one million euros. Moreover, financial penalties were threatened for non-compliance with other aspects of the verdict.

In last Friday’s announcement, BREIN revealed that three companies, including Leaper, had signed cease-and-desist agreements to avoid summary proceedings. BREIN has said that these three companies are the biggest sellers of pirate IPTV subscriptions in the Netherlands.

Leaper Beheer BV, Growler BV, DITisTV and their respective directors are obligated to refrain from distributing protected works belonging to BREIN’s affiliates and their members.

Failure to obey the terms of the agreement will see the companies face penalties of 10,000 euros per infringement.

DITisTV’s previous website now appears to sell shoes with many negative reviews. Consumentenbond.nl, a consumer website, received 300 complaints about DITisTV.

It is reported that DITisTV discontinued its website last June, likely in response to the European Court of Justice ruling which found that selling piracy-configured media players is illegal.


Top Ten Most Pirated Movies On BitTorrent This Week – 28/05/2018

The 10 most downloaded movies this week on BitTorrent (28/05/2018) are here. The top three for this week are ‘Deadpool 2’, followed by ‘Avengers: Infinity War’, with ‘Black Panther’ rounding out the top three.

There are three newcomers this week.

The most downloaded movie this week is Deadpool 2.

Every movie in the list given below is Web-DL/Webrip/HDRip/BDRip/DVDrip unless stated otherwise.


Movie Rank

Rank Last Week Movie Name IMDb Rating / Trailer
1 (3) Deadpool 2 (HDTS) 8.2 / Trailer
2 (2) Avengers: Infinity War (HDCam) 8.8 / Trailer
3 (4) Black Panther 7.5 / Trailer
4 (1) Pacific Rim: Uprising 5.8 / Trailer
5 N/A A Quiet Place (Subbed HDRip) 8.0 / Trailer
6 (7) Ready Player One 7.8 / Trailer
7 N/A Death Wish (Subbed HDRip) 6.4 / Trailer
8 (8) 12 Strong 6.6 / Trailer
9 N/A Gringo 6.0 / Trailer
10 (5) Red Sparrow 6.6 / Trailer

Legal Blackmail: Zero Cases Conducted Versus Alleged Pirates in Sweden

Since 2017, tens of thousands of alleged file-sharers in Sweden have received threatening messages demanding cash settlements to make a supposed lawsuit go away. But an investigation by Sweden’s SVT failed to find a single instance where a claim by the so-called copyright trolls led to a conviction. A professor of law at Stockholm University termed it “legal blackmail.”

Until recently, Sweden had managed to stay clear of the copyright trolls that have plagued several European countries for more than ten years.

Sweden had avoided the fate of its European partners until two years ago.

In September 2016 a self-proclaimed organization called Spridningskollen (Distribution Check) headed up by law firm Gothia Law said it would begin targeting the public.

The letters were described as “speeding tickets” for pirates, meaning they would only target the guilty. But after a massive backlash, and a couple of months later, Spridningskollen was gone without a single collection letter being sent out.

That was the calm before the storm.

In February 2017, Danish law firm Njord Law launched a new troll operation targeting the subscribers of several ISPs, including Telia, Tele2, and Bredbandsbolaget. Court documents disclosed the harvesting by the law firm’s partners who were determined to link thousands of IP addresses with real-life people.

Njord Law was permitted by the court to acquire the identities of citizens behind 25,000 IP addresses, in the hope of getting cash settlements of around US$550. But that’s not all.

Repeatedly, the trolls headed back to court to get more IDs. SVT’s new investigation has revealed the feared copyright troll invasion of Sweden has indeed gained momentum.

SVT revealed that since 2017, Swedish Internet service providers have handed over the personal details behind more than 50,000 IP addresses to law firms representing copyright trolls and their partners. Njord Law alone will have sent out 35,000 letters by this year’s end to Swedes whose IP addresses have been flagged as allegedly infringing copyright.

Let’s assume the trolls get $300 per letter; very quickly they could be earning $15,000,000 in revenues.

But, nothing is that simple.

In 2017, Njord Law received a 60% response to its letters, meaning even fewer settlements, if any at all.

Despite all the copyright trolls’ tough talk, SVT’s investigation revealed that taking people to court and winning a case when they have refused to pay has never happened.

SVT went through the records held by the Patent and Market Court and the District Courts dating back five years and did not find a single case of a troll taking a citizen to court and winning.

Whether Njord Law carries through with its threats remains to be seen, but if people keep paying up, then this practice will continue and escalate. The trolls have come too far to give up now.

TRON Cryptocurrency Founder Intends to Buy BitTorrent Inc.

TRON is close to acquiring BitTorrent Inc., which was one of Silicon Valley’s hottest new startups thirteen years ago. Justin Sun, founder of the cryptocurrency TRON, plans to take over BitTorrent Inc., and both parties are finalizing the latest details. With a multi-billion dollar market cap, TRON seeks to decentralize the web, powered in part by BitTorrent.

BitTorrent Inc., founded by Bram Cohen, is best known for uTorrent, which has more than 100 million users.

The massive user base, however, never really turned the company into the next billion-dollar tech giant that early investors had hoped.

In recent years it went downhill partly due to questionable management practices. Things have stabilized since but changes are coming.

Rainberry was sued earlier this year by none other than TRON founder Justin Sun. It allegedly violated a “No Shop” clause in an agreement.

TRON is one of the hottest and most debated cryptocurrencies, with a market cap of more than $4 billion, only surpassed by a few others. With Sun at the helm, it makes headlines almost every day.

The TRON main net will go live in a couple of days with the ultimate goal to “decentralize the web.” The TRON whitepaper mentions torrents as one of the pillars.

Tron (at the time of publish)

In January 2018, Sun returned a signed copy of the letter of intent for acquisition that both parties had finalized.

There was a twist in the story as BitTorrent Inc. CEO Ro Choy came back with a surprising reply.

Sun claims in the lawsuit: “Within literally hours after the parties agreed to the Letter of Intent, and after Ro Choy began performing the terms of the Letter of Intent, Defendant claims it received three ‘superior’ bids from companies that David Chao admitted they had been communicating with.”

Sun asked the court for a restraining order on BitTorrent. It was swiftly dismissed, but it left paper trails behind.

At February’s end, the exclusivity period set in the letter of intent ended and a holding company named “Rainberry Acquisition” was registered in California.

The company is registered to TRON founder Justin Sun which suggests that the acquisition is still on the table.

Rainberry Acquisition Paperwork 

The acquisition is not yet 100% finalized, but should things go according to plan, more information will likely be released sometime later.

Presently, Sun’s plans for BitTorrent are still unclear, but this is exactly what could be used to further TRON’s advantages.

Curiously enough, BitTorrent Inc. founder Bram Cohen has also taken an interest in cryptocurrencies, with the aim of creating a superior one called Chia.


Google’s Chrome Web Store Spammed With Clickbait ‘Pirate’ Movie Links

The Chrome Web Store is Google’s archive for all things Chrome, from apps and extensions to a vast array of themes for the iconic browser. Presently, however, the store has some dodgy visitors who at first appear to offer pirated movies. But look closely, and it’s all an elaborate scam designed to generate traffic to a subscription site.

Google’s Chrome Store debuted in 2010 and is the go-to place for users looking to customize their Chrome browser.

It offers programs that run in Chrome and perform a wide array of functions, from improving security and privacy to streaming video or adding magnet links to torrent sites.

Themes are also available which can be installed locally to change the appearance of the Chrome browser.

There are plenty of programs to choose from, but some additions to the store over the past couple of months were entirely unexpected for the add-on platform.

Free Movies on Chrome’s Web Store?

The above image suggests unknown third parties are exploiting the Chrome Store’s ‘theme’ section to offer visitors a vast array of pirate movies.

When clicking through to the movie page, users are presented with a theme that seemingly allows them to watch the movie online in “Full HD Online 4k.”

It is a scam: users are led to Vioos.co, which impersonates a pirate streaming portal but offers nothing of use.

Move on

When you click the play button on movies appearing on Vioos.co, it will take you to another site called Zumastar, which asks people to “create a free account” to “access unlimited downloads & streaming.”

The website promises “With over 20 million titles, Zumastar is your number one entertainment resource. Join hundreds of thousands of satisfied members and enjoy the hottest movies.”

Dodgy Marketing. No Thanks.

Lengthy visits to Vioos.co result in a redirection to EtnaMedia.net, a domain that was promptly blocked by Malwarebytes due to suspected fraud. But if you allow the browser to make the connection, it will take you to another subscription site.

Upset former customers complained of money being taken from their credit cards when they didn’t expect it in the least bit.

A lot of people have signed up to Zumastar or EtnaMedia via this problematic route from Google’s Chrome Store, which is a worrying sign.
Steer clear of this; it’s a fraud.

Finally, don’t let the reviews fool you.

Probably Scammers’ Rubbish Reviews


Putin Urged to Investigate Damage Caused by Telegram Web-Blocking

Internet Ombudsman Dmitry Marinichev presented a report to President Vladimir Putin, saying there ought to be an investigation into the actions of Roskomnadzor after it tried to block Telegram last month. Marinichev noted that Roskomnadzor’s failure to assess the damage meant millions of innocent IP addresses were caught up in the dragnet.

The Internet became a battleground once Telegram was banned in Russia by a Moscow court last month.

On Roskomnadzor’s instructions, ISPs blocked Telegram in Russia by blackholing millions of IP addresses. It was a shambles. Completely reliable services bore the brunt, while Telegram remained online anyway.

Roskomnadzor has partly cleaned up the mess over the past few weeks by removing innocent Google and Amazon IP addresses from Russia’s blacklist. The collateral damage, however, was so massive that questions have been raised regarding the watchdog’s entire approach to web-blockades.

The matter looks set to escalate because of the annual report presented this week to President Vladimir Putin by business ombudsman Boris Titov. ‘The Book of Complaints and Suggestions of Russian Business’ has statements from Internet expert Dmitry Marinichev, who said the Prosecutor General’s Office should launch an investigation into Roskomnadzor’s actions.

Marinichev said that, while trying to bring down Telegram with hostile technical means, Roskomnadzor relied upon “its own interpretation of court decisions” to give direction, TASS reported.

“When carrying out blockades of information resources, Roskomnadzor did not assess the related damage caused to them,” he said.

Over 15 million IP addresses were blocked; many of them had no relation to Telegram operations. Marinichev stated the collateral damage suffered by innocent people was catastrophic.

“[The blocking led] to a temporary inaccessibility of Internet resources of a number of Russian enterprises in the Internet sector, including several banks and government information resources,” he reported.

Advising the President, Marinichev proposed that the Prosecutor General’s Office ought to look into “the legality and validity of Roskomnadzor’s actions” which led to the “violation of availability of information resources of commercial companies” and “threatened the integrity, sustainability, and functioning of the unified telecommunications network of the Russian Federation and its critical information infrastructure.”

At the start of May, reports came in that, along with various web services, around 50 VPN, proxy and anonymity platforms had been blocked for providing access to Telegram. News on May 22 saw that number swell to over 80, although ten were later unblocked after they terminated access to Telegram.

Currently, Roskomnadzor is carrying on with its efforts to block access to torrent and streaming platforms. It recently ordered ISPs to block at least 47 mirrors and proxies giving access to previously blocked sites.

MPAA Earnings Drop 20% as Movie Studios Rollback

The revenue generated by MPAA in the latest tax filing shows a decline after a few years of modest growth. The reason is lower membership fees paid by the major Hollywood studios. Additionally, the filing revealed MPAA’s former CEO Chris Dodd earned $3.4 million during his final year.

The MPAA has achieved many anti-piracy successes in recent years as a united front for Hollywood.

MPAA has worked tirelessly in the shutdowns of Popcorn Time, YIFY, isoHunt, Hotfile, Megaupload and several other platforms.

Less apparent but just as essential, the MPAA uses its influence to lobby lawmakers while arranging and managing anti-piracy campaigns both in the United States and abroad.

All this work doesn’t come freely, and so the MPAA relies on six major movie studios to pay the bills. Revenues had stabilized over the past several years, but in its latest filing, there is a drop.

According to an IRS filing, total revenue stood at $57 million for the fiscal year 2016, down from $73 million. The Hollywood studios paid most of it through membership fees totaling $50 million, a 22% drop compared to the previous year.

The year ended with a significant loss of $8 million. That’s a lot of money, but the MPAA is still in safe hands as it has over $10 million in net assets and funds.

There is no explanation for the lower membership fees.

Most of the expenses go to salaries, with Chris Dodd, the former MPAA Chairman and CEO, the highest-paid employee at over $3.4 million in total income, including a $275,000 bonus.

This was the compensation for Dodd’s last full year as CEO. Last year he was replaced by Charles Rivkin, another political heavyweight, who previously served as Assistant Secretary of State for Economic and Business Matters in the Obama administration.

Dodd’s compensation took up 10% of the entire salary budget. The remainder was divided among the MPAA’s other 196 employees, so the total workforce was 197, down from 224 a year earlier.

The MPAA also does charity work by donating to various research initiatives, including a recurring million-dollar grant for Carnegie Mellon’s ‘Initiative for Digital Entertainment Analytics’ (IDEA), which deals with piracy-related topics.

The Copyright Alliance is another primary beneficiary. The group, co-founded by the MPAA, is a non-profit that represents copyright holders, and it received $750,000 in support according to the latest filing.

The total grants budget is $3.1 million and comprises many smaller payments, similar to previous years. The lobbying budget totaled $3.6 million, and legal fees $5.3 million.

Apart from revenues, the other aspects seem well taken care of.

GDPR: Inbox Flooding Privacy Policy Emails

You are presented with a privacy policy whenever you join an online service or social media site. But the fact is nobody bothers to read them. The majority of people cannot comprehend privacy policies.

A 2014 Pew Research Center study revealed that half of Americans don’t even know what a privacy policy is. But even privacy experts like Lior Strahilevitz, a professor of law at the University of Chicago, yesterday admitted that “like most people, I don’t read the privacy policies that I’m sent – and I say that as a privacy lawyer”.

Importance of Privacy Policy

The Facebook scandal over its analytics being used by a third-party firm called Cambridge Analytica (CA) is a huge deal. CA targeted borderline voters and influenced their decisions in both the 2017 Presidential elections and the UK’s Brexit referendum.

Blasé Ur, an assistant professor at the University of Chicago Department of Computer Science, talked at Innovation fest yesterday and explained why he believes the Cambridge Analytica story has hit such a nerve.

He said: “It is one of the few cases where an average consumer can see what happened with their data. Normally we have data collected about us, and it goes into the void, and things get done to it, but we never really know what the outcome was.”

Ur also said that people discovered explicit details about how their data “was scooped up by Cambridge Analytica and then probably used to influence Brexit and the Trump election.”

For these reasons it is important to understand what personal data you are permitting firms to collect, store and process.

The GDPR update surge

Currently, people are being presented with an influx of privacy policy updates. The reason is Europe’s new GDPR legislation, which comes into effect on May 25. The new European bill mandates companies to tell consumers exactly what data is being collected and what it is being used for. Firms using personal data for anything other than its original purpose are in breach of the regulation.

Some firms, such as Microsoft, have decided to roll out many elements of the regulation to their worldwide user base even though the legislation is European. The same could be applied to citizens elsewhere in the world.

How to deal with the privacy policy dilemma

Strahilevitz believes the best thing to do is to rely on experts rather than to make sense of the policy yourself.

It is solid advice because when a large corporation releases a new privacy policy, it is typical for organizations such as Electronic Frontier Foundation, Privacy International, Open Rights Group, and the Privacy Coalition, to analyze those documents carefully.

Additionally, independent privacy experts and researchers often analyze new privacy policies, so with next to no effort it is possible to find out if a privacy policy is receiving bad press and should be avoided.

Fully Loaded Kodi Box Sellers Get Massive Jail Sentences

A court in Wales has given heavy jail sentences to Michael Jarman and Natalie Forber, who ran a business selling fully-loaded Kodi boxes. They pleaded guilty to operating a fraudulent business, having sold more than 1,000 devices over a two-year period. Jarman received a 21-month sentence, while Forber received a 16-month suspended sentence.

Kodi is perfectly legal, but when augmented with third-party add-ons it becomes a potent device, providing most of the content anyone could desire. The user can set up the system but for many, buying a so-called “fully-loaded” box from a seller is the more comfortable option.

As per local media, Jarman was arrested in January 2015 when police were called to a disturbance at Jarman and Forber’s home. Trading Standards officers launched an investigation after a large number of devices were spotted.

37-year-old Jarman pleaded guilty, but 36-year-old Forber initially denied the charges and was due to stand trial. Nevertheless, she later changed her mind and like Jarman, pleaded guilty to engaging in a fraudulent business.

They both attended a sentencing hearing before Judge Niclas Parry at Caernarfon Crown Court yesterday. Local reporter Eryl Crump said the Court heard the couple had run their business for about two years, selling around 1,000 fully-loaded Kodi-enabled devices for £100 each via social media.

David Birrell, the prosecutor, said that the operation wasn’t too advanced, but it required Forber to program the devices as well as manage customer service. Forber’s claim of being forced into the scheme by Jarman was rejected by the prosecution.

They made £105,000 between February 2013 and January 2015, and that was transferred between bank accounts to launder the takings.

Forber, a mother-of-two, broke up with Jarman following her arrest and is now back in work and studying at college.

Judge Niclas Parry while sentencing the pair described the offenses as a “relatively sophisticated fraud” carried out over a significant period and jailed Jarman for 21 months and Forber for 16 months, suspended for two years. Forber must also carry out 200 hours of unpaid work.

They will also face a Proceeds of Crime investigation which could see them paying large sums to the state, should any assets be recoverable.