Revision3 gets DoS’d… but not by who you’d expect.

Revision3, a large and popular entertainment firm (hosting such shows as Diggnation, Tekzilla, etc) recently had massive downtime over the holiday Memorial Day weekend due to a Denial of Service attack. Rev3 uses a BitTorrent tracker to distribute (legally) their shows, because the BT protocol greatly reduces the amount of bandwidth necessary to distribute files. Let me be very clear on this… They host no illegal content. Their BT tracker is only used to distribute shows that they have the rights to. So now, on to the fun part…

Someone, or some company, apparently took offense to Revision3 using Bittorrent to distribute its own slate of shows. Who could that be?

A bit of address translation, and we’d discovered our nemesis. But instead of some shadowy underground criminal syndicate, the packets were coming from right in our home state of California. In fact, we traced the vast majority of those packets to a public company called Artistdirect (ARTD.OB). Once we were able to get their internet provider on the line, they verified that yes, indeed, that internet address belonged to a subsidiary of Artist Direct, called MediaDefender.

Now why would MediaDefender be trying to put Revision3 out of business? Heck, we’re one of the biggest defenders of media around. So I stopped by their website and found that MediaDefender provides “anti-piracy solutions in the emerging Internet-Piracy-Prevention industry.” The company aims to “stop the spread of illegally traded copyrighted material over the internet and peer-to-peer networks.”

Who pays MediaDefender to disrupt peer to peer networks? I don’t know who’s ponying up today, but in the past their clients have included Sony, Universal Music, and the central industry groups for both music and movies – the RIAA and MPAA. According to an article by Ars Technica, the company uses “its array of 2,000 servers and a 9GBps dedicated connection to propagate fake files and launch denial of service attacks against distributors.” Another Ars Technica story claims that MediaDefender used a similar denial of service attack to bring down a group critical of its actions.

So I picked up the phone and tried to get in touch with ArtistDirect interim CEO Dimitri Villard. I eventually had a fascinating phone call with both Dimitri Villard and Ben Grodsky, Vice President of Operations at Media Defender.

First, they willingly admitted to abusing Revision3’s network, over a period of months, by injecting a broad array of torrents into our tracking server.

Second, and here’s where the chain of events come into focus, although not the motive. We’d noticed some unauthorized use of our tracking server, and took steps to de-authorize torrents pointing to non-Revision3 files. That, as it turns out, was exactly the wrong thing to do. MediaDefender’s servers, at that point, initiated a flood of SYN packets attempting to reconnect to the files stored on our server. And that torrential cascade of “Hi”s brought down our network.

There’s lots more in the original article but what you’ve read so far is really what happened. MediaDefender are nothing more than thugs working for the highest bidder. A “legit” company trying to stop internet piracy … how? Ah right, by executing Denial of Service attacks and distributing fake torrents of copyrighted material. Sounds pretty subversive… In fact, it doesn’t sound “legit” at all. Rev3 lost a lot of revenue that weekend, so let’s hope MediaDefender will pay. According to Rev3, they’ve got the FBI involved.

I’m trying to get this news out because everyone needs to be aware. It’s not alright for companies to use illegal means, no matter who they’re fighting, and it shouldn’t be condoned simply because the company has the backing of large government-supported groups. Don’t brush this off, tell your friends. Write, call, and email your Government!

Link1, Link2

No related posts.