The raid on Demonoid’s servers and the reports that a criminal investigation has been started against the site is causing some panic among the site’s users. Was the user data encrypted? Can the authorities see what people have downloaded? Without official comment from Demonoid’s admin these questions are hard to answer, but a massive legal operation aimed at the site’s users seems highly unlikely.

Earlier this week the news broke that after the popular BitTorrent tracker Demonoid suffered a DDoS and hacker attack, it had also been raided by the Ukrainian authorities.

Roughly a week ago government investigators arrived at Demonoid’s hosting provider ColoCall to pull the site offline. According to Sergei Burlakov of Ukraine’s Ministry of Internal Affairs the authorities acted on a request from Interpol.

“The Division of Economic Crimes [DEC] received an international request from Interpol to send a request to the company ColoCall. DEC sent the request to the provider, after which the ISP decided to stop working with Demonoid,� he said.

The request related to a criminal investigation in Mexico, where one person was arrested for his connection to the BitTorrent tracker last fall.

Judging by the strain on the TorrentFreak mailbox the raids have caused some of Demonoid’s users considerable panic, probably due to them having shared copyrighted material via the site. Now that the Ukrainian police have access to Demonoid’s data, they are naturally wondering to what extent they are exposed.

TorrentFreak posed this question to the sole tech admin of the site, but since the raids we haven’t had a response. This means that we can’t report whether some, all, or none of the user data was encrypted. What we do know is that Demonoid was prone to collecting erroneous stats, often counting uploads and downloads against users who never carried them out.

However, looking at similar raids in the past it seems highly unlikely that the authorities will go after large groups of individual users. Even if they do plan to target members (there is no indication at the moment) the most likely scenario is that they would single out a few of the top uploaders, or those who were the first to upload prominent movies, particularly if they did so in bulk.

The only thing we know for certain at this point is that there’s an investigation against Demonoid in Mexico. A source inside ColoCall (Demonoid’s former host) confirmed the Mexican connection when speaking to reporter Maria Popova of Ukrainian news site Kommersant.ua on August 6. Then working back, the MPAA reported the arrest of the site’s admin to the USTR October 26, 2011 (see page 4 of this report), and the IFPI congratulated the Mexican Attorney General’s office on the raid in this official government document from October 6, 2011.

While we always strive to publish sincere and detailed articles on cases like these, it appears that one alleged and presumably now ex-moderator of Demonoid felt the need to tell Vice our reporting is “as reliable as Fox News� and that “anything from TorrentFreak should be taken with a kilo of salt.�

This attack appears to be based on one single mention where we quoted the ColoCall source who said that the site’s administration was based in Mexico. While we never gave any credence to the quote, in light of the previous documented arrest in Mexico, the MPAA’s statement to the USTR and IFPI’s congratulations to the Mexican government, we thought it was worth mentioning.

Of course this is not the first time that Demonoid “staff� have lashed out against TorrentFreak. In 2007 we were called out as liars by Demonoid’s IRC and forum moderators when we reported that the CRIA was behind’s Demonoid’s downtime. A week later Demonoid confirmed our report.

But back to the key point in hand – if we hear anything at all about the fate of user data on Demonoid, who has access to it and/or to what level it was encrypted, we’ll be sure to report back.

I don't think the users are at risk. Demonoid only kept amount of data downloaded, but that's about it. If you uploaded a bunch of stuff (mainly movies & music), you may want to be a bit worried, but if you strictly downloaded, from what I hear you should be fine. Also, they're still trying to figure out what all of this story is rumor and what is fact. One site reported that the Demonoid Admin said it's all BS, and that they never had anyone in Mexico, while others are thinking TorrentFreak may have an inside line or is calling Demonoid's Bluff. Unfortunately, it's too soon to tell in my opinion. If anything you should be glad to know that now that it's on a permanent hiatus, there'll be a spike in new members here trying to find new trackers to get involved with. That's why I'm here. :-)

It is just sad to see another great site smashed by the boot. Hopefully it is just a matter of time until the balance is restored.

Normal users will be fine, they will go after staff and maybe the top uploaders, especially if the uploads were cams.

Demoniod user base was to large to target everyone, but there will be a select few who they go after.

This is not rumors man, it's really happening, although I think most of the stuff posted about the Admin is speculation as he doesn't give many interviews and is very much a private person.

Four words for them. "Come at me bro".

This will be interesting to say the least. I am curious to see how all of this unfolds.

Catch Me if you can DMCA, SOPA , PIPA , etcetc guys

Overall, I think uploaders are more at risk -- but these days in the U.S. it's more about the provider than the RIAA, etc. Verizon, ATT and so on are the ones getting really proactive with ISP monitoring. That's a more effective way to get people to stop, and that's why they're taking that approach.

Originally Posted by drsweet

Overall, I think uploaders are more at risk -- but these days in the U.S. it's more about the provider than the RIAA, etc. Verizon, ATT and so on are the ones getting really proactive with ISP monitoring. That's a more effective way to get people to stop, and that's why they're taking that approach.

so anyone who downloaded from here with an account is probably not in any danger ONLY if you uploaded lots of stuff BUT when you downloaded doesn't it share (upload) with others automatically?

Being terribly concerned now about exposure probably isn't the most constructive thing; if a Demonoid user failed to use a good proxy service or real anonimizing service which doesn't keep records of users (see the recent T.F. article) they made themselves a fairly easy target. Let us not forget that the F.B.I. has gone after some of the well meaning people who participated in the mass "anonymous" attacks some time back, they have long memories and nothing that happens on the internet ever really goes away. How litigious this becomes is anyone's guess at this point but I think the best course of action would be to use this experience to smarten up a bit and protect yourself a little bit more than you think is necessary.

Best of luck to everyone!!