Results 1 to 9 of 9

Thread: Movie Company Sues Pirates Who Used an Anonymous VPN

  1. #1

    Cool Movie Company Sues Pirates Who Used an Anonymous VPN

    The makers of the film 'Angel Has Fallen' have filed a lawsuit against seventeen alleged pirates. According to the complaint, several defendants used the VPN service 'Private Internet Access,' which can expect to be subpoenaed. That effort will likely be fruitless as the VPN doesn't keep any logs. However, with help from information shared by torrent site YTS, users are still at risk.

    Millions of Internet users around the world use a VPN to protect their privacy online.

    Another key benefit is that VPNs hide users? true IP-address, making them more anonymous. This prevents third-party monitoring outfits from carrying out unwanted snooping.

    This is one of the reasons why many torrent users have a VPN installed. Instead of displaying their own IP-address in torrent swarms, the VPN IP-address will show up. And when the provider doesn?t keep any logs, that address can?t be traced back to a single user.

    Lawsuit Targets Pirating VPN Users
    Such a setup seems secure, but it hasn?t prevented the makers of the action movie ?Angel Has Fallen? from suing several anonymous VPN users. In a recent lawsuit filed at a federal court in Colorado, the company lists fourteen alleged pirates that used an IP-address of the VPN service Private Internet Access, also .

    ?Upon information and belief, Defendants DOES 3-5, 7-10 and 12-17 registered for paid accounts for Virtual Private Network (?VPN?) service with the Colorado Internet Service Provider Private Internet Access,? the complaint reads.

    The lawsuit in question lists the defendants as Does, which means that their true identities are unknown. However, attorney Kerry Culpepper, who represents Fallen Productions in this matter, hopes to find out more through third-party subpoenas.

    Info From YTS User Database
    The case relies in part on information from the YTS user database that was shared by the operator of the site earlier this year, as part of a settlement. This includes download details of several users, as well as their IP-addresses and email addresses.

    piadoes.jpg

    The attorney has requested subpoenas to compel email providers, Internet providers, and Private Internet Access for more personal information. In the past, we have seen that Microsoft and ISPs such as Comcast will hand over what they have, but with a VPN this isn?t as straightforward.

    PIA?s Confirmed No-Log Policy
    PIA has a so-called ?no logs? policy which means that it can?t link a VPN IP-address and a timestamp to a unique user. This policy has been repeatedly tested and confirmed in courts.

    Culpepper informs TorrentFreak that he will request a subpoena regardless. He argues that the use of a VPN shows that people were aware of their illegal activity.

    ?It is relevant because it shows they tried to hide their activities. It shows consciousness of the illegal activities,? Culpepper says, while pointing out where PIA warned YTS users that they were at risk.

    PIA?s Jurisdiction Angle
    In addition, by signing the terms of service, PIA users also subject themselves to the jurisdiction of Courts in Colorado. This is relevant in this case because not all defendants are from the western U.S. state.

    ?Most importantly, if they signed up for an account with PIA they agreed to jurisdiction in Colorado no matter where they are. Most of the PIA users were not in Colorado,? Culpepper notes.

    piajurisdiction.jpg

    All defendants are accused of downloading a torrent titled ?Angel Has Fallen (2019) [BluRay] [720p] [YTS.LT],? as well as other copyright-infringing content that isn?t specified.

    Defendants Still at Risk
    According to the complaint all defendants have received at least one DMCA notice. Fifteen of them were also contacted repeatedly on their known email address with cease and desist notices and settlement offers, but these were ignored.

    With this lawsuit Fallen Productions hopes to uncover the identities of the people behind these IP- and email addresses.

    TorrentFreak contacted PIA for a comment on the lawsuit. The company said that it hasn?t received a subpoena yet and reiterated that it can?t identify individual users.

    ?Private Internet Access has not received a subpoena in regards to this case. Even if we do, our response will be the same as always: PIA does not log VPN user activity,? a PIA spokesperson informed us.

    That was also confirmed in more detail earlier this year in our annual VPN overview.

    ?There are no logs kept for any person or entity to match an IP address and a timestamp to a current or former user of our service,? PIA said at the time.

    That said, defendants are still at risk, as their email addresses are known as well. That doesn?t prove anything, as YTS allowed members to sign up with a fake email, but it could lead to people being identified eventually, without PIA?s involvement.

    If anything, this case shows that using a VPN only offers limited anonymity. When people use a VPN irregularly and leave other information behind, such as email addresses, they may eventually be exposed anyway.

    ?

    A copy of Fallen Production?s complaint, filed as the US District Court in Colorado, is available here (pdf) in attachment..
    Source: TorrentFreak / https://torrentfreak.com/movie-compa...us-vpn-201026/
    Attached Files Attached Files
    Last edited by anon; 27.10.20 at 20:10. Reason: Added link, fixed quoting
    Reply With QuoteReply With Quote
    Thanks

  2. Who Said Thanks:

    (08.11.20)

  3. #2
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    36,808
    Activity Longevity
    13/20 19/20
    Today Posts
    3/5 ssss36808
    Well, it's incidents like these that prove how anonymous and secure VPNs really are. As for cooperation between YTS and law enforcement, that was already known.
    "Come visit sometime, okay? We'll always be here for you. We... we all love you."
    Reply With QuoteReply With Quote
    Thanks

  4. #3
    Yes, cooperation between YTS and law enforcement,
    and also stayaway from IPVanish, PIA VPNs, and those VPNs which are especially belong to EU and Free,

    I think Express, Nord and Surfshark are goodone, especialy express and nord,
    otherwise seedboxes that has good reputation and are from safe jurisdation.
    Reply With QuoteReply With Quote
    Thanks

  5. #4
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    36,808
    Activity Longevity
    13/20 19/20
    Today Posts
    3/5 ssss36808
    Quote Originally Posted by JohnWick View Post
    stayaway from IPVanish, PIA VPNs, and those VPNs which are especially belong to EU and Free
    IPVanish is a "no logging" VPN which was discovered to actually keep logs when pressured by the DHS. Same with Hide My Ass and another whose name escapes me right now (started with an E). On a sidenote, it's impossible to run a service of any kind that keeps zero logs, because you need those for troubleshooting. Imagine having a server slow down or crash without a clue as to what went wrong, when, how or why. "No persistent logs" or "no long-term logs" would be a more reasonable promise.

    PIA was good until they were acquired by Kape, a company whose business goals don't align with privacy very much. Before the buyout, some employees stated things would remain the same and they'd remain committed to their "mission"; I don't doubt their sincerity, but unfortunately they're not the ones calling the shots.

    When it comes to free ones, I would only make an exception for ProtonVPN since it's from the same crew behind ProtonMail and therefore can be considered trustworthy. No transfer or speed limits on it, also.

    I think Express, Nord and Surfshark are goodone, especialy express and nord,
    otherwise seedboxes that has good reputation and are from safe jurisdation.
    NordVPN seems okay, but they don't have port forwarding, and the large amounts of hacked premium accounts circulating makes me question their site security.

    Mullvad and cryptostorm are run by highly skilled people in a transparent and ethical manner. The latter does not get much mention, but I think they had a "celebrity endorsement" from TPB some years back.

    Surfshark has a fairly good (and free) DNS-over-HTTPS service. Never tried the actual VPN, though.

    Personally, I like Tor more than any of them It's good enough for my needs, and its design makes it very difficult even for a malicious node operator to monitor your activities (with the exception of exit nodes and unencrypted data), although some potential attacks are known.
    "Come visit sometime, okay? We'll always be here for you. We... we all love you."
    Reply With QuoteReply With Quote
    Thanks

  6. Who Said Thanks:

    JohnWick (29.10.20)

  7. #5
    Quote Originally Posted by anon View Post
    NordVPN seems okay, but they don't have port forwarding, and the large amounts of hacked premium accounts circulating makes me question their site security.
    I think those nordvpn circulated are not hacked accounts,
    i have also seen those claimed hacked accounts, those were created by someone and uploaded on their sites,
    and after 24hours or weak they usually change passwords, but some people are still sharing those acounts in different forums, and 99% of those are dead accounts..

    these type of sites mostly share accounts of nordvpn and prn accounts
    Last edited by anon; 01.11.20 at 01:26. Reason: Removed link (see rule 3)
    Reply With QuoteReply With Quote
    Thanks

  8. #6
    sashiagustina's Avatar
    Join Date
    09.09.20
    P2P Client
    Tixati 2.6.7
    Posts
    146
    Activity Longevity
    8/20 1/20
    Today Posts
    5/5 ssssss146
    I am afraid in the near future, VPN provider must be obliged to provide, no exception.
    Last edited by anon; 01.11.20 at 01:26. Reason: Removed quote (see above)
    Reply With QuoteReply With Quote
    Thanks

  9. #7
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    36,808
    Activity Longevity
    13/20 19/20
    Today Posts
    3/5 ssss36808
    Quote Originally Posted by JohnWick View Post
    I think those nordvpn circulated are not hacked accounts,
    i have also seen those claimed hacked accounts, those were created by someone and uploaded on their sites
    What are they then? Trial accounts made with hacked credit cards? I find it hard to believe that would happen almost exclusively with NordVPN hundreds of times a day, when other services have free trials too. And while almost everything is vulnerable to dictionary attacks and credential stuffing to some degree, I also find it hard to believe that people who purchase a commercial VPN service (something which attracts a more security-conscious audience) would use weak passwords so often.

    In any case, they're a nice way to try before you buy
    "Come visit sometime, okay? We'll always be here for you. We... we all love you."
    Reply With QuoteReply With Quote
    Thanks

  10. #8
    sashiagustina's Avatar
    Join Date
    09.09.20
    P2P Client
    Tixati 2.6.7
    Posts
    146
    Activity Longevity
    8/20 1/20
    Today Posts
    5/5 ssssss146
    mostly those crackers aren't bruteforcing with dictionary they do farming on vulnerable forum's DB. and then you know what is happens next. better not talk about it in this forum
    Reply With QuoteReply With Quote
    Thanks

  11. #9
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    36,808
    Activity Longevity
    13/20 19/20
    Today Posts
    3/5 ssss36808
    Quote Originally Posted by sashiagustina View Post
    better not talk about it in this forum
    Too late, I already mentioned credential stuffing in my above post

    On 2011 there was an organized effort against BitTorrent-related communities to hijack accounts and post links to "funn.coi.li" (itself a password phishing site masquerading as an open tracker). The attacks came from Israeli IPs. We were not affected, but nonetheless chose to restrict access to the member list as a cautionary measure; leeching and parsing account lists is a good way to build dictionaries. Obviously there are other security features in place too.
    "Come visit sometime, okay? We'll always be here for you. We... we all love you."
    Reply With QuoteReply With Quote
    Thanks

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •