sharkmp4: the Prenda Law honeypot

Graham Syfert (a Jacksonville attorney, who does not need an introduction) posted an interesting investigative piece today. I found it extremely important and encourage everyone to read it. But before you start, I want to point out to one coincidence that Graham did not mention (probably he did not know): a person who we strongly believe was John Steele had been commenting on this blog via Mullvad VPN (links at the bottom). Although it does not prove anything per se — a single exit IP address is shared by many VPN users — the fact that Mullvad VPN was allegedly used to seed certain pornographic movies is interesting.

sharkmp4: The Prenda Law Honeypot

By Graham Syfert

Many know of the problems encountered by Prenda Law in the case of Sunlust v. Nguyen, a copyright infringement case that resulted in the Sunlust v. Nguyen hearing transcript. Many also know of the cases of Steele, Prenda, and Duffy v. Paul Godfread, Alan Cooper, and The Internet.

And everyone who is reading this probably knows that there has been a problem in California, where a federal judge is quite concerned regarding the client and firm merging together in cases titled in the Plaintiff’s name of AF Holdings and Ingenuity 13.

Recently, the question came to be asked: Has anyone ever seen these movies they’re suing on available anywhere but bittorrent? I do not have any current AF Holdings or Ingenuity 13 cases, I have never looked at the works, or even focused on Ingenuity 13 any more than hunting Alan Cooper or Salt Marsh. But I decided to try and help. Oh, and I guess the Prenda Law client VPR Internationale, also comes into play. Probably others.

Knowing that Steele likes to sue the internet, for making false statements, I will simply present the facts.

Continue reading on the Graham Syfert’s blog…

12/28/2016 Update: Unfortunately, this blog post was removed by the author, and it isn’t available on the Wayback Machine. On 6/3/2013, I received the following from the Pirate Bay folks (verified, the same email was also sent to TorrentFreak):

| 7529073 | Mommy Loves Cock #5
         | 2012-08-13 17:28:41 | |
| 7529137 | Sarina Valentina Fucked in the Kitchen [shemale]
         | 2012-08-13 17:40:33 | |
| 7529155 | – Scarlat Mendes – 2012.08.09
         | 2012-08-13 17:47:34 | |
| 7552199 | Alexis Texas sucks and fucks at a porn show [2012]
         | 2012-08-21 00:54:51 | |
| 7819909 | In Love with Jynx Maze – 10 scenes of this sexy young fox
         | 2012-11-13 01:35:40 | |
| 7825185 | – Andrezza Lyra – 2012-09-25 [shemale]
         | 2012-11-14 17:14:58 | |
| 7825203 | – Juliana Souza 2012-10-14 [shemale]
         | 2012-11-14 17:20:48 | |
| 7825260 | – Nicole Valentim 2012-11-06 [shemale]
         | 2012-11-14 17:30:30 | |
| 7832814 | Sexual Icon – 5 New Scenes of Nina Mercedez
         | 2012-11-17 00:31:14 | |
| 7844770 | [Vivid] 69 Scenes – Latinas Love Big Cocks (2011)
         | 2012-11-20 19:51:42 | |
| 7848258 | Allie Sin Megapack – Over 60 videos
         | 2012-11-21 19:46:21 | |
| 7892402 | Asian Bad Girls [2012]
         | 2012-12-06 00:56:18 | |
| 7912530 | Sexual Obsession [Split Scenes]
         | 2012-12-11 19:30:54 | |
| 7936734 | – 38 scenes
         | 2012-12-19 00:31:27 | |
| 7940008 | Sarina Valentina – Hot Sex on Bed 2012-12-18 [shemale]
         | 2012-12-19 23:03:32 | |
| 7968216 | Tory Lane Megapack
         | 2012-12-29 01:00:50 | |
| 8119701 | Tasha Reign Pornstar Pack
         | 2013-02-09 00:11:31 | |
| 8144465 | Look What I Found in the Street 5 [2004] [split scenes]
         | 2013-02-14 21:44:33 | |

username: sharkmp4

Hope it can help to identify if sharkmp4 is Prenda!

Comments from Mullvad VPN addresses — (strongly suspected) made by John Steele



wordpress counter


38 responses to ‘sharkmp4: the Prenda Law honeypot

  1. THE question is: do these “movies” show up on bittorent only AFTER Prenda or one of its incarnations purchases the rights for the movies?!

    • something something one movie registered with the copyright office 4 days after posting to TPB something something…..

  2. I doubt it’s Steele doing it himself, just doesn’t seem bright enough… but I’m sure whoever their computer guy is… Peter maybe, is the one who set them all up probably with VPN access…. the same one he uses to start up the honeypot!

    One thing that always bothered me about AF Holdings and buying up old movies. Why would these movies still be popular on bit torrent? If they were released years ago and the sites serving them are now long gone, who would decide to seed them at the same time they start logging IPs? A honeypot makes A LOT of sense when looking at Prenda’s new clients.

    • It could be for a number of reasons… They could portray it as new. They could put a misleading description in there. Even if you download it, start watching it, decide it sucks, and delete it, you’re already caught. Even if you don’t finish downloading it, you’re caught.

      If Prenda is responsible for this honeypot (and we can actually prove it), I see a lot of lawsuits being dismissed as frivolous (Assuming there are any left after April 2), considering they are the ones distributing the material for free.

      Here’s to hoping some solid proof can be obtained.

      Is there any update to the St. Clair County, IL case? They haven’t actually filed any suits there, have they?

  3. Wasn’t there some discussion on Twitter last night about X-Art’s latest video hitting p2p before it hit their own website? Now this for Prenda clients. In civil cases, it’s not beyond a reasonable doubt. If these films could reasonably be provided by the copyright holders for the purposes of litigation, you’ve got an unclean hands argument. Looks like there might be some ammo for the Malibu Media Does.

    • Of course in many of these cases they claim their system was hacked, so they would just say it was stolen from their system before it was posted.

      • But couldn’t a doe just request inspection of THEIR hard drives then for proof of this alleged hacking, a statement for which they provide absolutely no support. My guess (and opinion) is that they would fight tooth and nail to prevent such an investigation, as it would likely, in my opinion, reveal that these speculations of them seeding the files to begin with are true.


    sharkmp4 said………….

    RE: Copyright Infringement Notice
    In that mass-wildebeest analogy, after many river crossings, last year I ended up being the poor sap caught in the jaws of the alligator (on a porn file, of course). Unlike everyone else who posts on suprbay(?!) I decided to settle quickly (much less than $5000; it was a different group). My former ISP gave up my information after a subpoena, so the trolls had my IP address paired up with the file I downloaded, etc. Big talk about ignoring letters and harassing phone calls from the trolls is all well and good, but speaking from experience, it is VERY stressful to have an expensive lawsuit hanging over your head. I am not rich enough to fight an extended legal battle and would be wiped out by any significant judgment, and I am not about to martyr myself so some guy can steal tranny porn. US law is not as friendly for us as European law seems to be. I just feel like an idiot, though, for getting caught in the first place.

  5. I read the article and idk if anyone here can answer this question but i will ask it anyway.

    “However…..We still do not know how LW Systems and those other companies are gathering their information. But, if LW Systems is anything like Ingenuity 13 and AF Holdings, chances are that sharkmp4’s torrents might be the method of collection (as well as sharkmp4’s large collection of transsexual porn).”

    Lets say for a second LW Systems gets there IP’s from these torrents what would they be able to do to people who download them if they don’t own the right to them im guessing even if they purchase the licenses later on they cant sue you for downloading before they owned the rights to them it doesn’t make sense to me how that can happen. But im guessing that’s why when people receive these settlement letters they don’t say what site and especially what the name of the file is cause they dont own the rights to them it confuses me a bit to say the least that imagining these people get the ips from these torrents and before they even have licenses or whatever you call it for them they are trying to extort people. Im not saying they do get all the IPs in some cases like the LW Systems from one of these torrents but guessing they can and probably do cause it would bring more money idk how in the hell they would be able to sue you for downloading the files uploaded by “SharkMP4” if some of the most recent bogus companies they have been using own no rights to anything i dont they can turn around and give your info to the companies that own the rights and say hey we know someone infringed your work we know hes name and if you let us sue him on your behalf we can get cash for you because i would think they are breaking some kinda law getting our info through one bogus company and then turning around and suing you from a legit company if they have any.

    This is just a thought/question that i had after reading the article

    • Also one more thing i looked at the upload date of one of the torrents and looked at the copyright site 10 days after the video was uploaded they had the Registration number for copyright if im reading it right…i dont know if that says anything

    • I will try to give a response (and a finding!) based on what you said:

      They can certainly sue you for rights they didn’t hold at the time of the infringement, on behalf of the company that did own the true and legal right at the time. However, if they are suing on their own behalf for an infringement that occurred before their acquirement of the license, there is case law that states they will not be successful. I cite Davis v. Blige,—F.3d—, 2007 WL 2893003, 84 U.S.P.Q.2d 1353 (2d Cir. 2007), a Second Circuit Court of Appeals ruling in which they stated: “a license or assignment in copyright can only act prospectively.” Prospectively, in legal terms, means from the point of acquirement and going forward. Essentially the exact opposite of the phrase retroactively.

      If a defendant finds that the date of alleged infringement is prior to when the person bringing suit had ownership transferred to them, that would almost certainly be grounds for a dismissal. Note that I said transferred. The only way there’s a solid case for a retroactive suit is if it’s brought by the original owner of the work. For example, let’s say a person creates a video, sells it online, someone copies it illegally, the person files for a copyright after that. They could then persue the person who copied it illegally. If, however the process was: Person creates and releases copyrighted video, pirate copies it and distributes it, person who created video transfers copyright to another individual after that incident… the new copyright owner has much less ground to stand on in light of case law.

      This is my understanding as a layman, however, as I am not a lawyer.

      I want to address a part of what you said in particular:

      But im guessing that’s why when people receive these settlement letters they don’t say what site and especially what the name of the file is cause they dont own the rights to them it confuses me a bit to say the least that imagining these people get the ips from these torrents and before they even have licenses or whatever you call it for them they are trying to extort people.

      I agree that the settlement letters never mention a site, however all the settlement letters do seem to refer to what video it is they are claiming infringement on. Are you saying you got a settlement letter that didn’t indicate any information about the infringement whatsoever? That would seem weird because that would mean anyone could send out infringement letters without any information whatsoever and just hope the random people they sent it to had pirated something in the past and just made an assumption it was for one of those past piracies and that they would settle. However, I’ve not heard of them neglecting to name what title they’re suing for. In fact, they seem to like to prominently mention it in the hopes of shaming people into not being associated with the title.

      Your mention of no sites being named brings me to my finding. It might interest SJD, so I hope she reads it: In a previous lawsuit against the trolls, Spencer Merkel stated he had indeed downloaded the material in question – from a site called Cheggit. I recalled this when reading the sharkmp4 post above and, googling the terms together, found that sharkmp4 had also distributed torrents on Cheggit. The result can be found here:“cheggit”+”Sharkmp4” in which sharkmp4 says essentially that more of these torrents can be found on Cheggit. If it is indeed as Graham Syfert supposes that it’s a honeypot scheme, it was across various sites. I think it would behoove someone to contact the former Cheggit admin (perhaps the guy who runs Torrentfreak might know his details) and see if they could provide IP logs for sharkmp4, or whatever username uploaded Broke Amateur torrents. There’s a chance they still have the logs and backup of the site as it was a voluntary shutdown rather than one brought on by the government.

      • In my settlement papers from Guava LLC v. Skyler Case, there is no title or description of the work listed. Prenda (and other trolls) may list on some but not all.

        • yeah that’s what i was referring to when i said that like in the Guava or LW Systems ones they don’t say what file was downloaded in some case in the Guava ones it says something about The Pirate Bay so wouldn’t that being said with this coming out it may be one of those videos? Its just a wild guess cause in one of the Guava Settlement letters it say something about associated with “The Pirate Bay” and the only thing i see SharkMP4 sharing is videos

        • Ah, now I get what he was referring to. Those particular cases aren’t about videos, exactly… they’re more of a “hacking” case – so a video would not be listed. As has been explained elsewhere, this could simply mean they’re charging the defendants with accessing the website with an “ill gotten” username and password… so those wouldn’t apply to a bit torrent honey pot scheme.

          That isn’t to say, however, that those cases couldn’t be a part of a particular honey pot scheme. Picture this: a company wants to ensnare people in illegal access of their site. They create usernames and passwords that they then share in IRC and on adult password sites where hacked accounts are shared.

          That particular scheme would be much harder to track and prove… unless a defendant moved to discover what the hacked usernames were, then see if they could do research into who posted said usernames and passwords on the illegal password sites. Of course, even with the username you’d be hard pressed to find the original posting of the username and password – hence why it’d be much harder to prove than a torrent honey pot.

        • That’s slightly incorrect.

          The SUBPOENA said it was about hacking. The demand letters say it’s about downloading files on Bittorrent.

          Here is the original Guava demand letter in the Guava v Comcast St. Clair County case:

          Click to access guava-v-comcast-first-settlement-letter.pdf

          Note that it says you downloaded. The demand letter says NOTHING about hacking (which is the basis by which they got the subpoena). I think they’re adding the “someone stole our files” defense to counter this question about WHO seeded the files. They’re going to claim it’s a third party who “hacked” their system and distributed the files and that Bittorrent is a big hacking conspiracy against their company.

          That is, if they’re still members of the bar after April 2nd.

          I personally hope that Prenda lets this case go based on the fact that they’re going to get laughed out of court if they make the claim that Bittorrent is a “hacking conspiracy” and the fact that they obtained a subpoena under false pretenses HAS to be a sanctionable offense.

          Part of me wonders if the court would have held up Comcast’s objection if the subpoena had specifically said it was about trading files.

          I am not a lawyer. Nothing I’ve said should be construed as factual. Please draw your own conclusions. No substitutions, exchanges, or refunds.

        • To AnonymousDoe:

          I think the most likely situation is the following – They allege hacking, get peoples information and just send out the stock demand letters that are for their more overwhelming bittorrent suits. So, while the settlement letters state they are for downloading something off bittorrent, it’s likely just a point of laziness that they didn’t feel the need to draft a new letter specifically for “hacking.” Agree/disagree?

        • @Psychic Doe- that would make sense cause the few attorneys i spoke to said this wasn’t a torrent case they are saying people hacked there computers but then in the 2nd letter it said i was observed breaching the computers and distributing “the” illegal downloads…I don’t know what to say about the Comcast one, one person says its not a torrent case which is what people say a lot but then a few say its a torrent case in disguise but as i said i spoke to 2 lawyers one who is involved in the case and he said its not a torrent case which that person would have the best knowledge and would kinda explain them being too lazy to edit the letters cause when i spoke to the attorney i told them both but the letter says distributing files and they both said but the case isn’t about downloads or uploads its about hacking Guava’s computers..

  6. Now that was interesting. Cheggit was big but has now gone. A lot of the old Cheggit Crew now run a new site called Webop. A lot of the former uploaders moved to a site called Empornium.

    SharkMP4 is not on Empornium or Webop.

    I may know someone who can help with Empornium if anyone has details. I asked and heres what he gave me on the IPs listed

    4 users show up under the listed IP’s. 2 are banned and 2 inactive. None have uploaded anything. They may just have been VPN users.

    He hates copyright trolls too especially porn ones.

    • I believe, if the records still existed, that the movie in question in the HDP v 1495 case was more than likely uploaded by this same IP.

      • No! That’s making the assumption that an IP address corresponds to a person (Which is exactly what we’re trying to establish is NOT the case)! Unfortunately there’s a reason sneaky people use VPN’s on the Internet, and this is one of them.

        Unless there’s a full lawsuit with discovery against the hansmeier brothers’ “forensics” company and they FIND torrent-making tools and VPN tools and records of them being on those sites, unless Sharkmp4 can be tied directly to them, we unfortunately probably can’t prove it’s them.

    • About empornium:

      Mommy Loves Cock – Description: One from the Mommy Loves Cock series, best scenes are with Mandy Bright and Christy Fox. The ending of the last scene is abrupt but it’s taken as is – the scene is actually pretty much finished anyway. Check the screens for more. Source is DVD and format is XviD, split scenes done by sturmvogel from empornium (cut properly).

      You can figure this out, I guess.

      • Yeah i had the user in question researched. Basically zero chance this is one of the Prenda Pond Scum.
        Static IP not in the us among other flags.

        Was worth checking though 🙂

  7. “Knowing that Steele likes to sue the internet, for making false statements, I will simply present the facts.”
    This is slanderous and incorrect; I do not like to sue the internet for making false statements!
    You’ll hear from my lawyer!
    Oh, wait, I am a lawyer. Whose bright idea was that?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s