Hackers using File Lockers to Exfiltrate Stolen Credit Card numbers

Piracy isn’t the only illegal activity taking place on file lockers. Recent research has demonstrated that hackers are using file lockers and streaming sites to exfiltrate stolen credit card numbers and other stolen data from their targets.

In a recent article published at Dark Reading, the methods used by hackers to exfiltrate data via video streaming sites were examined in detail. However this activity also takes place on file lockers.

Hackers who have stolen credit card, financial or other data need a way to exfiltrate that data without revealing their final destination for the data. So in a clever manoeuvre the hackers will embed stolen data into regular movie files and then upload them onto file locker services. Then once the data is in place, the hackers will then exfiltrate that data just as a normal file locker user would download files. Once the data has been retrieved the original files are deleted from the file locker.

[Read more…]

Mega: Hypocrisy, Piracy and Porn

In a recently released report, focussing on the partnership between credit card companies and file lockers, Mega was named as one of the worst piracy sites in the world. In response, and showing the sheer arrogance of Kim Dotcom, Mega have decided to sue Netnames for defamation.


We have been studying Mega since it first opened and we noticed piracy taking place on the site from the very beginning. Now 18 months on, the amount of piracy taking place on Mega is staggering, despite Mega not appearing to have pay per download program for uploaders.

Pirates monetise piracy taking place on Mega using ad networks that display an ad before redirecting users to pirated content. Such ad networks include adf.ly which displays an interstatial ad that cannot be bypassed before redirecting the user to the content being linked to.

Mega is a haven for piracy. Out of the top twenty sites (by number of links to Mega) most of them link to pirated content hosted on Mega.

Mega referring sites

Piracy on Mega

Frozen – Movie Piracy


[Read more…]

ChayFile.com: Loses Payment Processing

A new up and coming file locker ChayFile has been deprived of payment processing. It is common knowledge that Paypal will not process for illegal file lockers, yet ChayFile decided to try their luck – last week their luck ran out.

ChayFile  Cloud File Storage

ChayFile  Cloud File Storage

Error  Your purchase couldn t be completed  PayPal

We will continue to target file lockers big and small to mitigate the huge amount of copyright infringement and distribution of illegal content that these sites engage in.

UPDATE 2nd December 2014: Chayfile has been shut down by their web host.

Account Suspended

OBoom: Merchant Accounts Closed

OBoom.com is a file locker which we have detailed in this blog as hosting illegal pornography. However OBoom also hosts large amounts of copyright infringing mainstream content such as Television Programs, Software and Movies.

OBOOM com  keep your moments on file

This week OBoom was finally deprived of credit card processing. The only payment options left are Paysafe Card, Bitcoin, Webmoney or Vorkasse which are not used by the majority of people who visit the site.

OBOOM com  keep your moments on file

As we have seen with other file lockers who have their merchant accounts closed, the site will soon run into financial difficulty as sales plummet, uploaders stop getting paid on time and server fees are not met. It costs a lot of money to host as much illegal and infringing content as OBoom, so without the convenience of credit card payments or popular payment processing options such as Paypal, the site will soon face severe problems.

Update: 13th September 2014: Oboom added reseller Premium Issuer in order to accept credit cards, however now Premium Issuer are unable to process credit card payments.

[Read more…]

FileOM: Offline and unlikely to return

From early July we began to target FileOM and it’s payment processing arrangements. We explored the site’s piracy of more than a million webcam videos – with over 18,000 videos shared from just one site – and then once the site lost it’s credit card processing in August we wrote about the failed attempt by Xerver to buy the site.

Now more than a month since all forms of payment processing were terminated the site is offline. FileOM may be simply restructuring under new hosting arrangements but we currently believe that they have failed to pay their hosting fees. Currently all servers used by the site are unreachable.

FileOM  Easy way to share your files

Time will tell if FileOM is able to be recovered, however forums and blogs are already removing links to files on the site.

FileInz – A File Locker in Trouble

FileInz.com came into being during the middle of this year. It’s one of dozens of file lockers who promote their service to pirates on the home of piracy webmasters and thieves, WJunction.

Fileinz  The best way to share your files

Like most file lockers, FileInz pays uploaders based on the number of downloads they receive.

Fileinz  The best way to share your files

Since launching there has been an exponential growth in the number of links to FileInz from piracy source domains, such as piracy forums, blogs, link lists, link dumps and file search engines.

Rapid Growth in Piracy

Fileinz growth

The above chart shows the growth in the number of piracy links and linking piracy domains based on the posts placed on those linking domains by pirates.

[Read more…]

Yonzy. New file locker linked to Imgah.com

Yonzy is a new file locker which launched just a few days ago. The file locker has announced it’s presence to the pirates and thieves on WJunction.

Yonzy wjunction offer

Like most file lockers we have investigated, Yonzy offers paid rewards to uploaders of content. They pay uploaders a commission upon a signup to the file locker and also pay up to $13.00 per 1000 downloads that a file receives.

What we have found is that the image hosting site Imgah.com now redirects to Yonzy.com

Yonzy links

[Read more…]