All info gathered from public
BadGirl is a bitch that copies and
Please note this
is a work in progress
have any more news regarding
this, please msg ttol on EFnet. Any
corrections or mistakes please let me
ALL SITES UNRELATED TO BUSTS HAVE
BEEN REMOVED FOR THEIR SECURITY. IF
SEE A MIRROR OF THIS PAGE WITH THE SITE
NAMES ON IT, IT IS AN OLD
Updates (newest updates at the bottom of the
- eRUPT (also author of RuptBot!) and Doc-X busted, lived in
Miami. There was a Miami warrant executed and they are both DOD members.
- Police investigations on a large campus network (polytechnic of
pohjois-savo) ( pspt.fi multiple 100mbit sites )
- sui not arrested, just took his computer
- CORRECTED: thraxis was queensland not Melbourne .au
- 2 Polish cracking groups busted (CookieCrK and AAoCG)
was www.cookiecrk.org. As of now, you can still search for it on
www.google.com and see the cached site (it listed cracking tools)
site was www.aaocg.prv.pl. As of now, you can still search for it on
www.google.com and see the cached site (it listed cracking tools)
- ^stealth, guy from Oregon, got busted. he did ps2 and game iso's. 3
federal agents and 2 deputies took away his computer. he had 6 terabytes of
- Take a look at http://www.internettrafficreport.com/#graphs -- internet
traffic dropped 50% since raids
- Confirmed story surrounding bigrar (chris tresco) and a former
I worked at the economics department back in july of 2001. I
started working with 5 other northeastern university students in the systems
administration department. One of which was Chris Tresco, the member of DoD.
They all were a great bunch of people, really friendly, and down-to-earth.
Summer is pretty slow at MIT because not too much goes on besides grad student
The first day of work i went through an "initiation" in which we
went out to eat at the "Cheesecake Factory" resturant in Cambridge, a very
posh resturant. My initiation was to select the appetizers for the rest of the
department, if they liked my choices then i would become a part of the group,
otherwise... i don't know. The talk around the table focused on our manager
Lisa talking about an ex-employee who used to screw around with rather ugly
women, and how he was a man-whore, etc. Very casual, even almost vulgar
conversation. I felt very at ease, they were close, and quickly became
friendly towards me. The bill was quite expensive, but of course MIT paid.
This was monday.
Later that day Chris and the other guys showed me the
systems, and explained what each machine did, and the basic design of the
network. I noticed a rather large file server, and when i asked what it did,
Chris explained that it was his own machine. I browsed the web
rolled around and I was updating different professors homepages with a new
design template. Not too much really, i finished the job quickly. Later in the
afternoon, the manager Lisa came into our office and asked us "Do you guys
need anything?". Chris turned and said "I could use a beer." another guy said
"How about a foot massage?", i turned and said "I could use a back rub." She
laughed and returned to her office. I spent the rest of the day updaing the
website, and watching the guys messaround with the mp3 server, and the music
one guy was making with Cubase.
I had yet to fill out any working papers
as it was only my 2nd day working.
Wednesday rolled around, and the day
started as normal. Chris showed me his computer, and i noticed the 3+
terabytes of disk space it had. He casually informed me that it was a DoD
"Drop box", and that if i created a directory with the name of a software, or
mp3 title, that in the directory the next day it would appear there, almost
Later in the afternoon, the manager called me into her office,
i thought she was going to have me fill out some forms for work. Once i was in
her office, she had me sit down.
"About that joke you made yesterday..."
"Umm, which one was that..." I replied
"The one about the back
rub.... i didn't appreciate that, it was a direct insult to my authority." She
"Oh, that one.... I'm sorry, but i didn't really mean anything by it,
the other guys were joking around as well, and i didn't think anything of it.
I replied, suprised.
"Well i didn't think it was very professional, and
with the Professors and expensive equipment we have here at MIT, i expeceted a
higher level of professionalism from you." She said.
"Oh.... well you guys
all seemed to be pretty relaxed. With no dress code, and you're down-to-earth,
and friendly personalities, you all seemed like a bunch of bar-mates, and just
happen to work together. I thought my comment was right at home. I'm sorry,
but i guess i shouldn't have said that afterall." I said shocked.
i'm sorry, but i'm going to have to let you go." She said quickly.
mean i'm fired? Don't i get any warning, or second chance or anything? I
mean... i didn't really mean anything by it, it was just friendly banter. I
said be wildered.
"I'm sorry, but i feel that it upsurped my authority, and
we expect a high level of professionalism here. She said.
funny, because with the conversation at lunch on monday, the birkenstock
sandals, t-shirts, shorts, and most of all, the warez server in the other
room, i didn't really see a high level of professionalism, if any whatsoever."
"I'm sorry, my decision is final, you can leave now if you like.
Or finish out the rest of the day..." She said, and looked away.
I got paid
for the rest of the week, and left. Then I heard this story.
she'll not be working long after this, it was right under her nose. Good
managering i guess.
I'm glad i got fired.
- Another story from a Purdue university student:
I attend Purdue
University and i can tell for sure that there is now reason for there to be
software piracy. tell me tell you why.
Purdue University has an Agreement
with Microsoft which enable us to recive original, lisenced versions of
original Microsft Software for 5$. u can check out the detaile here>
We get all software right from Windows Xp to
office to the full 6cd pack of Visual Studio 6 for only 5 dollars.
student is entitle to a copy and there are no limitations.
Purdue's Computer society host and Ftp mirror for almost all the possible
Linux ditro's thereby not even needing us to use up extra bandwidth to
download from outside.
Very recently i belive there has even been
agreement to let the Computer Science Majors to download all of the Microsoft
software free of charge from a web server starting from even the arabic
version of Windows 3.11 up till windows Xp.
And ALL this this is being done
legally. therefore i see no reason for there to be Software piracy at Purdue
University. The article just mentions there had been raid and i think this is
just to Defame Purdue Univsity. It does not even say that any thing was
confiscated at purdue university - Just another Angry purdue Student
- A search on www.newscheck.cc reveals there were 40865 warez releases in
the last 7 months, of which only 411 were by DoD. (1% of releases)
- Halfmoon2 Has Been Busted, 32 Boxes were confiscated and so were 200+ DVD
CD's, HM2 Was affiliated with VCDWS
- A good link (video broadcast about the busts): here
- Centropy is not dead. At all.
- Rasiq of the brazilian group "GREDoR", was busted. He was a DVD ripper. A
lawyer is with him in Federal Police, in Sao Paulo, Brazil. Took his PC and 70
CDs. Seemed like they accuse him of cracking Windows XP
- http://www.smh.com.au/news/0112/13/national/national16.html story takes
quotes from http://www.defacto2.net/apollo-x/bandido.htm
- ievil(busted) runs the newly linked swedish efnet-server
- TFL says:
We would like to make something very clear. There is a
huge misunderstanding as to why we release the programs to the end user.
Basically this is why: Lots of applications cost a lot more money than
endusers can afford (some cost $50,000+). We release a FULLY functional
program for endusers to evaluate, learn, try or compare and then decide if
it's right for him/her. We do NOT release these applications for companies to
use them in a working enviroment where they would not have to buy them from
the original maker, therefore COMPLETELY misrepresenting our goal. At this
case we ENCOURAGE original makers to come to such companies and do whatever
they need to them. Moral of this is: If you use programs at work for anything
rather than evaluating BEFORE buying, you deserve to be caught!
- This is the only official site: http://www.urbanghetto.net/dod/ any others
- HaXoZZi0 that was caught last night by the feds, he was from TBRaS, a
releaser for the brazilian group
- From a local newspaper .. the bust at purdue ... (lafayette,indiana) ...
one student was raided and equip taken and he was taken away by US customs
agents and the purdue university police ...
- DupeFrench.com's dupechecker has been passworded for security
- No scene actions in Switzerland or France since busts
- ViBe (french divx) is closed
- Xplicit (french divx) is closed: "La team XpliciT a le regret de vous
annoncer sa fermeture suite aux Úvenement facheux pour la scene toute
entiere... La fermeture est immediate ... Bonne continuation a tous et a
- Article about busts in french:
- Only 41 mp3 releases for today, RNS and KSi haven't stopped. Most european
dance groups closed their chans.
- A lot of siteops that still have their sites up are being asked by users
to ipdel/change or deluser their accounts
- 23 year old DOD cracker caught -- was from MIT. Chris Tresco aka bigrar.
- Chinese news about the busts at:
- BaLLz from mp3 group CSR got busted. Unclear whether reason was
mp3-related or iso-related.
- FBI agents raided not only MIT but also Northeastern University, Boston
University, Tufts University and The Bank of America office in Boston
(according to yesterdays Boston Globe, FBI agents raided not only MIT but also
Northeastern University and The Bank America office in Boston as well as other
- One of the sites seized from Northeastern University was a top site
affiliated with Class (CLS)
- WLWMP3 permanently shut down
- Guy at RIT got busted for ripping and distributing DivX movies
- Another news in french:
- Okay, someone correct their four-tier theory (via comments) that infers
DOD as counterfeiters at http://www.newsfactor.com/perl/story/15255.html
- Microsoft comments on the busts at
- 10 warrants were issued in New Hampshire, all crackers. Canada also saw
some busts. Undercover FBI-ran FTP sites based in Virginia (??) and Virginia
(CoreDump). Original article:
- Website Designer for drinkordie.com is 17 year old male student at
Orange Park High named Daniel Stratton. He goes by the name of Bigfoot2. More
and for his full name, here.
- Canada, Germany, and Sweden are targets of the investigation, although no
known raids have been reported to me. Source:
- BanDiDo wanted to write for Linux Gazette.
http://www.linuxgazette.com/issue60/issue60.html and search for bandido
- For those that don't know, dezzy from DoD wrote the DOD DVD Speed
- CROSSFiRE has closed its doors. All members have retired
- More raids to come. source:
- ThrawN of DiSTiNCT/CLASS was raided in Western Australia, ThrawN's house
got raided but no PC equipment was found as its in another house, no arrest
has been made at this time.
- Checkpoint, the official dupecheckers, is just temporarily down.
"checkpoint will be down until we know what exactly happend. you can help be
sending infos to [email protected] but ONLY write a message if you are 200%
sure that it's true. we do NOT need any new rumours."
- UK made arrests! Source: here
- TF1, France's biggest TV network, wrote an article.
- CHECKPOINT IS DOWN!BadGirl posted the URL to checkpoint, the
official dupechecker, and as a result they shut it down completely. Proof it's
down via this screenshot (update: link removed).
BadGirl was accused of
narqing on a site in Germany. They got her purged from most sites and
deleted from Checkpoint. She use to be in TR, a mp3 release group. She's now a
courier for ATM, also mp3.
- CMS has stopped releasing mp3. All their sites are down, no where to pre.
Not their choice.
- Six computers captured and seized at RIT today. Source:
- Zenith (0-day utils) now closed.
- 100Mbit site NB (NorthBridge) raided in .no
- REV mp3 has ceased operations
- STREAM (0day) is dead
- Regarding IRC server logging I asked a irc admin friend of mine
about what he thinks. He said the following was just THREE days
Server send: 3.82 Gigabytes ( 6.7 K/s)
2.36 Gigabytes ( 4.1 K/s)
To log all that, should have a lot of TB's. I
then asked him if I could parse the info as it streams. He said the
connections between the servers are encrypted and he doesn't know of any fed
servers that get the traffic through. And even if there was one, they'd have
to work against the cryptos with all that traffic. A good link to read would
- "iMATiON officially closes down as a group as of this moment. Its fear
that our leader TK might have been busted as he pinged out the morning of the
raids and he pinged out about the time the raids were supposed to have
happened.... as well there were raids done at his university. as I'm saying to
everyone else... take precautions to protect yourself and hopefully everyone
makes it out on the other side"
- GME2000 and ADM, both german DivX groups, are officially
- We know that the Virginia FBI site was CoreDump. What's the one in
- Information regarding effects these busts have on VCD scene and other
- Group affils for each person listed below as well as site
- BUSTED: eRUPT (author of ruptbot, dod, miami), doc-x (dod council, miami),
heckler, zielin, sui (tfl/wlw), hackrat (wlw/razor/dod, california), shark
(wlw/razor/dod; RatzHole siteop), thraxis (not busted; but raided -- 700 cds
and computer; risc, pgc, dod, queensland, Australia), maverick (from skidrow,
not from omega; dod council), sony, bandido (razor, dod council, risc
council), eriflleh (dod council, philadelphia), bigrar (christopher tresco 23
y/o, dod, risc, boston), avec (former fts, rts, rise, former DOD council,
razor), buj (dod, Durham North Carolina), forcekill (dod, turku finland),
radsl (dod, oregon), chevelle (dallas), billyjoe (austin), ievil (razor, an
ircop, had retired already), superiso (inferno; got raided), ^stealth
(oregon), Rasiq (GREDoR, Sao Paulo Brazil), HaXoZZiO (TBRaS, Brazil), BaLLz
- SFM was fed site
- CoreDump was fed site based in Virginia. But dr ice (site op) not
busted ?? Possible Fed ??
- SFM and CD sites dropped out of the scene 2 days before busts for "group
- RHiSO is down (hackrat operated)
- rumor: hackrat busted 4 times
- HO is down (DOD AHQ, chevelle's site)
- FE is down
- LOF is down
- PS is down (down a few days prior to busts and should've been sitting in
the room ready to put HW into FE)
- those 3 were sitting in the economics dept. of MIT, which would be the
bigrar (chris tresco, 23) portion of the bust
- Razor announced blackout, pciso division perm closed
- DOD dead 100%
- sui got busted and he's from TFL. WLW now dead
- 150+ sites closed
- TRC retired
- SKR, curry group, is shutdown (ran by maverick)
- TheWretched and TheFrail (divx groups) also shutdown
- Story: 5 FBI agents came to avec's house at 9:30AM CMT with federal search
warrant. took 271 cd's. watched her computer for 2 hours.
avec's computer for a few hours monitoring #worldsites, #eusites, and
#usasites for 3 hours. all the channel sites. Her shell was
- ? people in Canada (.ca)
- ? people in Germany (.de)
- ? people in Sweden (.se)
- 2 people in finland (.fi)
- 10 people in britain (.uk)
- 7 people in australia (.au)
- 2 in norway (.no)
- 1 person in brazil (.br)
- australia was hit (bandido)
- 27 cities in 21 states (including MIT, UCLA, Purdue, Duke, and University
- Austin, Texas
- Baton Rouge
- Charlotte, N.C.
- Durham, NC
- Cocoa Beach, Fla.
- New Haven, Conn.
- New York
- Newark, N.J.
- Norfolk, Va.
- Oklahoma City
- Orlando, Fla.
- Oxnard, Calif.
- Portland, Ore.
- San Francisco
- St. Louis
- Wilmington, Del.