The Biggest Ever BitTorrent Leak: MediaDefender Internal Emails Go Public


When TorrentFreak reported that Media Defender (MD) was behind the video site MiiVi, they cast doubt on us. Now, in what is surely the biggest BitTorrent leak ever, nearly 700mb of MD’s emails have gone public. When MD’s Randy Saaf found out we rumbled MiiVi he said, “This is really fucked.” This is too, but much more so.

When we reported in July that an Anti-Piracy Gang Launches their own Video Download Site to Trap People and that the company was called Media Defender and, as anyone who aims to be a credible news resource would, we checked and double checked our sources. We said, with some confidence:

Media Defender, a notorious anti piracy gang working for the MPAA, RIAA and several independent media production companies, just launched their very own video upload service called “”. The sole purpose of the site is to trap people into uploading copyrighted material, and bust them for doing so.

However, in comments made to Ars technica, Media Defender’s Randy Saaf chose to rubbish our claims, calling it an ‘accidentally un-secured internal project’.

From the emails we cannot be sure that it’s an entrapment site or that it is related to the MPAA (perhaps it’s a legit a P2P video client?), but it does look suspicious.

Unfortunately for Media Defender – a company dedicated to mitigating the effects of internet leaks – they can do nothing about being the subject of the biggest BitTorrent leak of all time. Over 700mb of their own internal emails, dating back over 6 months have been leaked to the internet in what will be a devastating blow to the company. Many are very recent, having September 2007 dates and the majority involve the most senior people in the company. Apparently this is not the first time that a MediaDefender email leaked onto the Internet.

According to the .nfo file posted with the Mbox file the emails were obtained by a group called “MediaDefender-Defenders”. It states: “By releasing these emails we hope to secure the privacy and personal integrity of all peer-to-peer users. The emails contains information about the various tactics and technical solutions for tracking p2p users, and disrupt p2p services,” and “A special thanks to Jay Maris, for circumventing there entire email-security by forwarding all your emails to your gmail account”

Note: The mbox formatted file is circulating publicly on BitTorrent, completely unedited. However, for publication here we have removed the username and password logins for Media Defender’s servers, and replaced them with asterisks and avoided publishing emails of a personal nature, e.g pay negotiations etc. We believe that the emails are the real deal and all the info posted here serves the public interest.

At first we couldn’t believe that it was real, but after we scanned through the e-mails it became clear that it was indeed the real deal. Hundreds of IPs and logins to their servers, lists of their decoy/entrapment trackers, decoy strategies, the effectiveness of their fake torrents (in many cases with a breakdown of success, title specific), high and low priority sites, .torrent watchlists, information on their monitoring of competitors, pictures of their weekend trips and even the anti-piracy strategy for dealing with The Simpsons Movie leak:

# REMINDER: “The Simpson’s Movie” premieres this Friday (to Torrents).

* Decoy files are available in torrents MDfile server.
* Use Public Trackers for pre-Leak releases.
* Create two new trackers for this project.
o Ebert to inform Torrents of these new machines.
* Send a list of 5 release names from each torrent team member to Ebert.
* REMEMBER to input torrent file into interdiction if a real Leak is available this weekend.

It’s impossible to sum up all the juicy details in one post as the amount of information is staggering, so as much as we’d like to tell you about the custom Media Defender software (called ProxyMaster) included in the leak, we’ll focus mainly on the MiiVi case.

Let’s start off with their response to our story about

From: Ben Grodsky
Sent: Tue 03-Jul-07 20:19
To: MIIVI; Randy Saaf; Octavio Herrera; Steve Lyons
Subject: MiiVi got Dugg

Looks like the domain transfer has screwed us over:


And the response from Randy Saaf himself.

This is really fucked.
Let’s pull miivi offline.

Apparently our reports about MiiVi made them really paranoid. They are worried that reporters will apply for jobs just to find out more about their secret project.

From Ben Grodsky, Media Defender

Subject: care in interviewing

Given all the recent Digg, SlashDot and derivative online articles about MD, be careful what you say in job interviews. Specifically, I’m concerned about giving any information BEYOND what’s already on the website. I’m worried about someone interviewing for a position just for the purpose of getting more info to post online. For example, if anyone asks anything about MiiVi, just reiterate what Randy has said online (it was an internal video project that we probably should have password protected; we were in no way directed to, or working with, the MPAA on that project; NO part of the project was a honeypot designed to trap downloaders).

Seemingly every last detail of the MiiVi preparations are laid bare for all to see, such as these attempts to deal with some unexpected content. Interestingly, if MiiVi was only an internal operation, where on earth did this content come from?:

From Ben Grodsky, Media Defender


I wouldn’t normally e-mail you directly about MiiVi stuff, because a lot of what I say about this is total crap (so keep that in mind) and Jay filters the crap from the important stuff for you. Is there a way to add this hash/title to the porn filter explicitly?

hash=30755326A4E4B28E678BFF8CB2AF5FC4A4FBF710&i=3 (the title is Celebrity deathmatch: Korn vs slipknot and the exact URL is

I just flagged it as Other Terms of Use violation. It’s a warthog (or maybe it’s a big bushy dog, I can’t tell) having sex with a woman and NOT a Korn vs. Slipknot mash-up video.

If this is a big deal, don’t worry about it for now.

And, If MiiVi was an internal project only, how does that sit with these attempts to generate lots of traffic?


Another thing we can do to increase Google and other search engine traffic is to get more link-ins. At the next MiiVi meeting, I’m going to ask Randy for permission to incentivize people to link-in a MiiVi video on their MySpace. Colin is already doing this and it helps the word-of-mouth spread, even if the link-ins are nominal. I’m not sure what we could do in the link-in regard early on, but getting the cumulative ~1000+ MySpace friends of MediaDefender employees to see MiiVi link-ins can’t hurt

Post by TorrentFreak

Share your love

One comment

Leave a Reply

Your email address will not be published. Required fields are marked *