Evidence of Matthers' trading activites and DDoS on HDBits.org
Matthers is an invite/account trader, duper and was responsible for a DDoS on our site and tracker, together with some of his fellow Freshon staffers. This attack lasted for 5-6 days. You want evidence? We have it. We've been able to gather a lot of evidence on him in the form of direct confessions of his invitees, sometimes even accompanied with Paypal screens proving the transactions took place. There is not a single shred of doubt in our mind that Matthers is a trader. Therefore, I would highly recommend everyone to stay away from Freshon.
Recently I posted something on our own forum (https://hdbits.org/forums/viewtopic?...005105#1005105) to warn our users of the type of staffers that are running that particular site. And to adhere to our rules, which is not to offer nor request invites to Freshon. At some point soon thereafter, it was reposted to Reddit. This, in turn, lead to a sustained DDoS attack that lasted from 22-27 March. We now believe that Matthers and his buddies at Freshon were responsible for this attack, based on the following evidence:
According to various sources. At the behest of Matthers there has been a sustained effort to bring HDBits down in retaliation to a Reddit post where we expressed our concerns about his (and in fact Freshon.tv) general behavior in the community.
Further, we have had reports from others where Matthers was gloating how he managed to bring the site down.
The outright malicious nature of this, brings us no choice but to publicize the evidence that we have of Matthers activity. We, are a site that is designed for the mutual appreciation of our members; not for commercial profiteering, which is what Matthers and his cronies are trying to accomplish.
Part of the DDoS attack, came from servers that we know that are directly linked to Matthers and/or other staff at Freshon. This was done by gathering reports from both the mitigation service we now have installed and other trackers showing activity from the following IPs.
** IP's censored for Reddit **
There are various other IPs that are linked to Romanian accounts on other trackers. In HDBits all these IPs belong to Fiona's account, also a fellow staffer on Freshon.
We are aware that the evidence provided in this post may yet again have Matthers resume the DDoS attacks, so if HDBits goes down in the near future, consider that extra evidence of Matthers' nefariousness.
For us, this attack is reason to release the actual evidence of Matthers being a trader. And that evidence is plenty. When we found out that Matthers had been selling his HDB invites, we treebanned him. After this, the confessions from his buyers came pouring in, sometimes even accompanied with paypal screenshots.
Matthers has been acting as middleman for several big traders (Factotum, f.ricky, etc), which is how they operate. They're using 'lieutenants' to avoid getting caught. The lieutenant, in this case Matthers, has access to invites, while the big traders have access to a large network of buyers. This is how they usually operate.
Matthers had 22 invitees from which 6 confessed. That may not seem like a lot, but, ask any other tracker staff, confessions are rare, so 6 is a lot. Note that the majority didn't even come to IRC. We realize that HDBits is a sought after tracker, so not even bothering showing up to try and recover your account is strange, to say the least. The number of confessions outweigh the number of denials from the subset of people who came to IRC. Besides, we don't need 21 confessions to establish that he is indeed a trader.
The irc log includes everything related to Matthers. Both confessions and denials, so it's up to you to make up your mind about this. Note that we pardoned hops in exchange for a confession + paypal screen. You may be able to see that he's disabled anyway. This was not a trick on our part, but one of the conditions of this pardon was that there can be no more secrets and no more trading in the future. In this case he simply sold his HDB account after he was pardoned, so he was later disabled.
The evidence itself
The invitee list from Matters:
The irc log from our support channel: https://hdbits.org/matthers/log_censored.txt (Gaps are denoted with three dots)
The paypal transactions from 3 buyers (censored for Reddit):
Mail from Factotum to an invitee, with instructions what to say to us:
"Try to recover first. Go in irc and ask them what happened. When they will ask you how do you know the inviter (Matthers), tell them that you know him from freshon.tv for about a year ago. He's a good guy etc under no circumstances do you admit that you bough the invite."
Matthers has had another HDBits account in the past, from 2011-2012, with the username Uffie. We know that this was him, because the emails used on that account matched up perfectly with email Matthers used on another tracker, which was friendly enough to confirm that those were Matthers' emails on that tracker. This account has also been sold, which is why he was disabled. This was probably his first HDBits trade.
Matthers shared GoRaPiD's (now pruned) HDBits account. He admitted this in irc when disabled: 19:56 <+Matthers> Its true that I've got one in the past..Uffie
19:58 <&LB06> You have logged onto IRC with the same registered nick from two different HDBits accounts.
19:58 <&LB06> Matthers and GoRaPiD
20:01 <+Matthers> I'm not gonna lie. This is true as well. Gorapid is a friend of mine and he shared his account with me. But since MM created my account,I gave up to Gorapids account
20:02 <+Matthers> I'm terrible sorry
Uffiie later turned out to be traded as well, unless he moved from Romania to the UK to Canada to China.
I think at this point it's completely and utterly undeniable that Matthers is in fact a trader. And it's not only limited to Matthers, but GoRaPiD (now pruned) used to share his account with Matthers. And both GoRaPiD and Fiona (who are Matthers' colleagues over at Freshon(!), regularly invited people for Matthers.
Now why should this convince you to stay away from Freshon, even though arguably, content=content? First of all, it has to do with security. How can you trust a group of staffers that willingly and knowlingly endanger the security of other trackers? Who is to say they don't log or store all your passwords in plaintext and use that to 'hack' account on other trackers such as HDBits? This is by far the most common method of 'hacking' an account; simply trying passwords from other (torrent) sites. Also, the moment private trackers start DDoS'ing and otherwise harming other trackers, we can say it's the beginning of the end for p2p. First IPTorrents, now this?
I post this publicly on Reddit, so Matthers has the opportunity to refute any evidence from this post. In fact, I invite him to come out into the open and discuss this matter with us in a public forum.