Today’s most interesting web related news was the hack on The Pirate Bay. Reading about it first at Softpedia, they stated that an Argentinian hacker named Russó got access to their administration panel and was then able to read all data through a SQL injection vulnerability. Retrievable data could be of great value to anti-piracy bodies.
The Next Web expands the story by blogging that it is in fact a group of hackers (other sites mention a trio) led by Russó that hacked the site and refers to their blog where Russó tries to explain the reason for their actions in somewhat unclear terms. They also explain they are not planning to sell data to the anti-piracy bodies.
Torrentfreak contacted some The Pirate Bay insiders and got explained that the site was not down anymore due to the hack itself, but to solve vulnerabilities and long overdue rewrite of database handling. TPB told them also that it would be impossible for the hackers to find out the true passwords of users, but this could be a ruse of course.
Former Washington Post editor and security expert Brian Krebs of Krebsonsecurity.com was the one who actually obtained the information and broke the news. He got the hacker on the phone and asked him to send him his TPB password as proof (providing his username), which he did. Krebs also states in his comments that only complex passwords might not be hacked.
Many articles mention that over 4 million usernames and emailaddresses are looted from TPB, but Russó and parties directly in conversation with him only state that they were exposed. Not that they couldn’t retrieve them of course, but i can’t seem to find exact words telling that they have all data now in posession. This is in line with Russó claiming they only did it to show people that their information is not so well protected on torrent sites. And this is meant as plural, as in the comment section of Krebs website, he reposts a friends facebook posting that says that more hacks are on their way with so-called game changing methods on recreating torrent site indexes and finding IP addresses of users.
So, we are not safe. Of course we know that dealing with pirates is a risk. Nothing new there. Seventeenth century pirates called buccaneers (or privateers) were paid by governments to loot ships (and cities later) from rivaling countries (Spain, mostly). It came to an end when the power of Spain was diminished and the pirates turned on their protecting governments.
Once a pirate, always a pirate.
I can’t believe that Argentinian hacker Russó is paid by an anti-piracy body yet, but it does show what might happen with your data in the near future when media industry companies have their back against the wall due to depleting income.
Is their a safe haven? As soon as The Pirate Bay can set up shop inside swedish parliament they will have immunity. Chance of hacking might also decrease when such is hosted by a government. If not, The Pirate Bay might also consider Iceland, which is already becoming a safe haven of free speech and information.
Now that governments and political parties are actively taking measures, trying to protect what some call pirates and some call patriots, it is safe to say that Tortuga 2.0 is here. The question is: how long will it remain?
{ 0 comments }
