Here’s how using Facebook and Apple easily brought down KickassTorrents

Photo: Unknown

When running a massive torrent website, using sites like Facebook and Apple (among many others) can be a deadly mistake.

If you haven’t heard by now, the U.S. Government arrested Artem Vaulin, KickassTorrent’s alleged owner, after tracing back his social media usage on Facebook.

They first identified two email addresses, “email hidden; JavaScript is required” and “email hidden; JavaScript is required”.

Vaulin used “email hidden; JavaScript is required” to make a few iTunes purchases, which resulted in his IP address being logged along the way.

As the address belongs to Apple, the company was required to fork up login data (and they did so without any hesitation), providing login access dates, times, and IP addresses (among other relevant information)

The link was then made when they discovered that Vaulin was running a Facebook page, which he occasionally used to post updates about the website.

Records provided by Apple showed that email hidden; JavaScript is required conducted an iTunes transaction using IP Address on or about July 31, 2015. The same IP Address was used on the same day to login into the KAT Facebook Account. Then, on or about December 9, 2015, email hidden; JavaScript is required used IP Address to conduct another iTunes transaction. The same IP Address was logged as accessing the KAT Facebook Account on or about December 4, 2015.

They continued monitoring his Apple email address, which he used quite often to receive website based bug reports like the one below.

On or about June 23, 2010, Vaulin received an alert with the subject line, “[KickassTorrents – Bug#159] (Resolved)  Create post page for blogs.”

The email identified a task which “Artem Vaulin” authored and stated:

Issue #159 has been updated by [Individual A].
-Status changed from New to Resolved
-Assigned to changed from [Individual A] to [Individual B]
-% Done changed from 0 to 100
In revision 6741

Feature #159: Create post page for blogs
-Author: Artem Vaulin
-Status: Resolved
-Priority: Normal
-Assigned to: [Individual B]
-Target version: Sprint 2

Using emails from his Apple-based account, they were able to find a Coinbase Bitcoin account which he used to collect donations via the website.

After the feds sifted through Coinbase records, they were able to discover that the website’s donation account was owned by Artem Vaulin in Kharkov, Ukraine. His Apple address was also set as a backup for recovery purposes.

IP addressed used to access the Facebook page were also linked to those in a number of Bitcoin transactions, which stacked even more evidence against Vaulin.

Based on the DOJ report, it’s safe to say that Vaulin was reckless and careless when it came to privacy. While his website was big, it’s still always a huge risk to use services like Facebook, Google, Twitter, and Apple (among many others) when it comes to site related activities.

Caribbean Airlines has joined the ranks of other international airlines by introducing a premium economy cabin. Dubbed “Caribbean Plus”, rows…
It’s 2018 and there are still many websites that believe in forcing users to watch autoplay videos. That’s right, we’re…
Sometimes I like to record a snippet of what I’m listening to on my phone’s iTunes player to post to…
If you’re an iPhone user (or use any iOS device as a matter), it may be time to consider using…
Like many other mobile phone manufacturers, Apple can’t keep anything a secret. In a recently leaked internal memo (a lengthy…
We’ve all seen endless videos about those luxurious and comfortable first and business class seats on airlines like Emirates, EVA…
According to a new survey by Piper Jaffray, a securities investment and research firm, more and more U.S. teens are…
With both Xbox and PlayStation consoles receiving receiving proper 4K treatment within the last two years, Sony fans may have…
World renowned physicist Professor Stephen Hawking has passed away at the age of 76. A spokesperson for the family said…
Adobe Creative Cloud (CC) subscribers (including myself) have reported receiving emails about an upcoming price change coming to the editing…