Last week the torrent community entered a state of shock when another major torrent site closed its doors.

Having served torrents to the masses for over a decade, ExtraTorrent decided to throw in the towel, without providing any detail or an apparent motive.

The only strong message sent out by ExtraTorrent’s operator was to “stay away from fake ExtraTorrent websites and clones.”

Fast forward a few days and the first copycats have indeed appeared online. While this was expected, it’s always disappointing to see “news” sites including the likes of Forbes and The Inquirer are giving them exposure without doing thorough research.

“We are a group of uploaders and admins from ExtraTorrent. As you know, SAM from ExtraTorrent pulled the plug yesterday and took all data offline under pressure from authorities. We were in deep shock and have been working hard to get it back online with all previous data,” the email, sent out to several news outlets read.

What followed was a flurry of ‘ExtraTorrent is back’ articles and thanks to those, a lot of people now think that Extratorrent.cd is a true resurrection operated by the site’s former staffers and fans.

However, aside from its appearance, the site has absolutely nothing to do with ET.

The site is an imposter operated by the same people who also launched Kickass.cd when KAT went offline last summer. In fact, the content on both sites doesn’t come from the defunct sites they try to replace, but from The Pirate Bay.

Yes indeed, ExtraTorrent.cd is nothing more than a Pirate Bay mirror with an ExtraTorrent skin.

There are several signs clearly showing that the torrents come from The Pirate Bay. Most easy to spot, perhaps, is a comparison of search results which are identical on both sites.

Chaparall seach on Extratorrent.cd

The ExtraTorrent “resurrection” even lists TPB’s oldest active torrent from March 2004, which was apparently uploaded long before the original ExtraTorrent was launched.

Chaparall search on TPB

TorrentFreak is in touch with proper ex-staffers of ExtraTorrent who agree that the site is indeed a copycat. Some ex-staffers are considering the launch of a new ET version, just like the KAT admins did in the past, but if that happens, it will take a lot more time.

“At the moment we are all figuring out how to go about getting it back up and running in a proper fashion, but as you can imagine there a lot of obstacles and arguments, lol,” ex-ET admin Soup informed us.

So, for now, there is no real resurrection. ExtraTorrent.cd sells itself as much more than it is, as it did with Kickass.cd. While the site doesn’t have any malicious intent, aside from luring old ET members under false pretenses, people have the right to know what it really is.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Last summer, Polish law enforcement officers arrested Artem Vaulin, the alleged founder of KickassTorrents.

Polish authorities acted on a criminal complaint from the US Government, which accused him of criminal copyright infringement and money laundering.

Facing severe back problems, Vaulin was transferred to a hospital in December, and he later continued treatment in a Warsaw prison while awaiting progress in his extradition case.

After being held in custody for nearly ten months, a breakthrough came last week when Vaulin was released on bail. The Verge reports that bail was set at $108,000 and that the alleged KickassTorrents founder now lives in a rented appartment in Warsaw.

Vaulin isn’t allowed to leave the country, but will be enjoying relative freedom, and most importantly, the company of his wife and son.

Two days before his release, The Verge’s Greg Sandoval spoke with Vaulin, who couldn’t go into detail on his alleged involvement with KickassTorrents. However, the Ukrainian entrepreneur stressed that he wasn’t looking for trouble.

“I’m a businessman. When I start a business I consult lawyers. I was never told that anything I was involved in was against the law,” Vaulin told Sandoval.

“I’m not crazy. If someone came to me to tell me the United States was angry with something I do, whatever it was, I would stop,” he added.

While life on bail is a great improvement compared to the conditions in prison, the case is not over yet. In March, the Warsaw District Court ruled in first instance that Vaulin can be extradited, but the second instance decision is still pending.

Over in the United States, the defense team also has a motion pending. In February, Vaulin’s lawyers urged the Illinois District Court to dismiss the indictment because there’s no proof of actual criminal copyright infringement.

Lead counsel Ira Rothken is happy that his client has been released on bail, and he’s confident that they will appear as victors down the road.

“We are pleased that the Court freed Artem Vaulin from prison in Poland. This will allow him to better take care of his health, be with his family, and assist in his defense,” Rothken tells TorrentFreak.

“We look forward to the US Federal Court ruling on his pending motion to dismiss. If the US indictment is defective then extradition based on the indictment is erroneous – Artem shouldn’t have to leave his family behind,” he adds.

The full coverage on The Verge has some additional comments from the alleged KAT founder, which is well worth reading.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Online streaming is booming, and applications such as Kodi, Popcorn Time and VLC have millions of daily users.

Some of these use pirated videos, often in combination with subtitles provided by third-party repositories.

While most subtitle makers do no harm, it appears that those with malicious intent can exploit these popular streaming applications to penetrate the devices and systems of these users.

Researchers from Check Point, who uncovered the problem, describe the subtitle ‘attack vector’ as the most widespread, easily accessed and zero-resistance vulnerability that has been reported in recent years.

“By conducting attacks through subtitles, hackers can take complete control over any device running them. From this point on, the attacker can do whatever he wants with the victim’s machine, whether it is a PC, a smart TV, or a mobile device,” they write.

“The potential damage the attacker can inflict is endless, ranging anywhere from stealing sensitive information, installing ransomware, mass Denial of Service attacks, and much more.”

In a demonstration video, using Popcorn Time, the researchers show how easy it is to compromise the system of a potential victim.

A demo of the subtitles vulnerability

XBMC Foundation’s Project lead Martijn Kaijser informs TorrentFreak that the Kodi team is aware of the situation, which they will address soon. “We will release 17.2 which will have the fix this week,” he told us.

VLC’s VideoLAN addressed the issue as well, and doesn’t expect that it is still exploitable.

“The VLC bug is not exploitable. The first big issue was fixed in 2.2.5. There are 2 other small issues, that will be fixed in 2.2.6,” VideoLAN informed us.

The team behind PopcornTime.sh found a fix several months ago after the researchers approached them, TorrentFreak is informed. The Popcorn Time team trusts their subtitle provider OpenSubtitles but says that it will now sanitize malicious subtitle files, also those that are added by users.

(Note: Popcorn.sh has not applied all fixes in their stable code, but that will happen later today with version 0.3.11)

The same applies to the Butter project, which is closely related to Popcorn Time. Butter was not contacted by Check Point but their fix is visible in a GitHub commit from February.

“None of the Butter Project developers were contacted by the research group. We’d love to have them talk to us if our code is still vulnerable. To the extent of our research it is not, but we’d like the ‘responsible disclosure’ terms to actually mean something,” The Butter project informs TorrentFreak.

The Check Point researchers expect that other applications may also be affected. They do not disclose any technical details at this point, nor do they state which of the applications successfully addressed the vulnerability.

“Some of the issues were already fixed, while others are still under investigation. To allow the developers more time to address the vulnerabilities, we’ve decided not to publish any further technical details at this point,” the researchers state.

More updates will be added if more information becomes available. For now, however, people who regularly use subtitle files should remain vigilant.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

For millions of people, Reddit is one of the most popular sources of news online. Arguably, though, the site’s real value lies with its users.

Like any community, Reddit user comments can range from the brilliantly informed to the deliberately destructive. But, more often than not, the weight of the crowd tends to get to the truth, sometimes with the help of the site’s moderators.

Each section of Reddit (known as a ‘sub-Reddit’), is dedicated to a particular topic and is controlled by a team of moderators. While mileage can vary, moderators tend to do a good job and are often relied upon to settle disputes and hold errant users to the rules.

Last night in /r/piracy (a sub-Reddit with close to 100,000 subscribers) one moderator went rogue, which resulted in the sub-Reddit being shut down.

According to one of the moderators now in charge of /r/piracy, a now-former moderator by the name of Samewhiterabbits committed a sin by using the sub-Reddit to further his own agenda. ‘Dysgraphical’ says that the problems started when Samewhiterabbits began heavily spamming the ‘sub’ with links to his own streaming website projects.

Apparently, this has been going on for some time, with Samewhiterabbits standing accused of launching, promoting and spamming websites that have the same names as existing and/or defunct platforms, but claiming them to be the real deal.

“Samewhiterabbits is using r/Piracy as a platform to spam his monetized website forks which he claims as official,” Dysgraphical said in a statement.

“This isn’t recent activity but rather his model. He capitalizes from streaming sites that were shutdown and spams his new domain(s) as the new home for the aforementioned streaming site.

“This moderator explicitly deletes competing stream sites and uses alternative account(s) to spam his monetized stream sites. It is not only blatant spam, but censorship as well.”

After another post appeared promoting ‘popular streaming sites’ that the /r/piracy team as a whole had no hand in, moderators including Dysgraphical and TheWalkingTroll stepped in to sort out the problem.

They were met with resistance, with Samewhiterabbit – who still had moderator powers – taking several popular threads ‘hostage’ and stopping the rest of the mod team from ending the wave of misleading spam.

“He has held several threads hostage by locking/removing them to censor any critique or mention of his shady wrongdoings. With limited moderation privileges, the most we can do at the moment is delete his threads,” Dysgraphical reported last night.

While sorting out the problem, /r/piracy was shutdown or, more accurately, made ‘private’. Then, in order to move forward, the moderators applied for more power (known as ‘permissions’ in forum speak) to remove the errant mod from the team.

To achieve that, an application was made to Reddit’s admins (those at the top of the site) who responded extremely quickly to help sort out the mess.

“A few of us now have full permissions. Thankfully the admins were rather quick in their response (given they can take several days) and we got this sorted quickly,” Dysgraphical reports.

Once that power was in the right hands, justice was served in the manner determined by the rest of the team. A few hours ago, Samewhiterabbits was reported banned from /r/piracy and everything started to get back to normal.

While online ‘drama’ like this predates the Internet, this particular situation does highlight the importance of having responsible moderators on any discussion platform. There is often an assumption that these figures are in authority because they can be trusted, but that is not necessarily so.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

While torrents are still the go-to source for millions of users seeking free online media, people are increasingly seeking the immediacy and convenience of web-based streaming.

As a result, hundreds of websites have appeared in recent years, offering Netflix-inspired interfaces that provide an enhanced user experience over the predominantly text-based approach utilized by most torrent sites.

While there hasn’t been a huge amount of innovation in either field recently, a service that raised its head during recent weeks is offering something new and potentially significant, if it continues to deliver on its promises without turning evil.

Vodlocker.to is the latest in a long list of sites using the Vodlocker name, which is bound to cause some level of confusion. However, what this Vodlocker variant offers is a convenient way for users to not only search for and find movies hosted on the Internet, but stream them instantly – with a twist.

After entering a movie’s IMDb code (the one starting ‘tt’) in a box on the page, Vodlocker quickly searches for the movie on various online hosting services, including Google Drive.

Entering the IMDb code

“We believe the complexity of uploading a video has become unnecessary, so we have created much like Google, an automated crawler that visits millions of pages every day to find all videos on the internet,” the site explains.

As shown in the image above, the site takes the iMDb number and generates code. That allows the user to embed an HTML5 video player in their own website, which plays the movie in question. We tested around a dozen movies with a 100% success rate, with search times from a couple of seconds to around 20 seconds maximum.

A demo on the site shows exactly how the embed code currently performs, with the video player offering the usual controls such as play and pause, with a selector for quality and volume levels. The usual ‘full screen’ button sits in the bottom right corner.

The player can be embedded anywhere

Near the top of the window are options for selecting different sources for the video, should it become unplayable or if a better quality version is required. Interestingly, should one of those sources be Google Video, Vodlocker says its player offers Chromecast and subtitle support.

“Built-in chromecast plugin streams free HD movies/tv shows from your website to your TV via Google Chromecast. Built-in opensubtitles.org plugin finds subtitles in all languages and auto-selects your language,” the site reports.

In addition to a link-checker that aims to exclude broken links (missing sources), the service also pulls movie-related artwork from IMDb, to display while the selected movie is being prepared for streaming.

The site is already boasting a “massive database” of movies, which will make it of immediate use to thousands of websites that might want to embed movies or TV shows in their web pages.

As long as Vodlocker can cope with the load, this could effectively spawn a thousand new ‘pirate’ websites overnight but the service generally seems more suited to smaller, blog-like sites that might want to display a smaller selection of titles.

That being said, it’s questionable whether a site would seek to become entirely reliant on a service like this. While the videos it indexes are more decentralized, the service itself could be shut down in the blink of an eye, at which point every link stops working.

It’s also worth noting that the service uses IFrame tags, which some webmasters might feel uncomfortable about deploying on their sites due to security concerns.

The New Vodlocker API demo can be found here, for as long as it lasts.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.