The P2P site Demonoid has apparently been shut down by a DdoS attack and is now serving up malware to visitors.
The site’s main domain is now redirecting straight to an ad network serving up malware to unsuspecting visitors and there is some suspicion that Big Content might be involved.
Demonoid is one of the world’s largest and longest standing sites and the attack coincidently comes after IFPI’s said it had taken “strategic action” against Demonoid. While this had been assumed to be legal action and political lobbying, the taking down of Demonoid is a little too strange.
Hacker groups normally benefit from Demonoid and similar sites so taking it down is silly.
The site has fallen over a few times, but given its traffic it is strange that it has disappeared completely.
The site was hit by a huge DDoS attack last week which crippled the site and then took it completely offine.
According to a Demonid admin, it appears that the DdoS was to cover an exploit.
Torrentfreak reports that the domain entries for Demonoid.me were updated and now the URL is redirecting to straight to adverts which contain a virus and other malware.
The redirection is to the 52664.bestfastget.com domain, a site which has a similar trust rating to Mitt Romney’s tax returns. Apparently Demonoid shoved traffic to that site to avoid mounting bandwidth bills caused by the DdoS.
It seems that the P2P community is not optimistic that the site can recover.
Demonoid has staffing problems after some of its workers were questioned by authorities about their involvement in the site.