Mangabank “Suffers DDoS Attack” & Disappears Following Legal Action

Share
  • November 9, 2021

Last week we reported that a San Francisco law firm acting for Japanese publisher Shueisha had filed an ex parte application at a California district court.

The application, which sought discovery of information for use in a foreign proceeding (28 U.S. Code § 1782), targeted a number of websites believed to act as file-hosting repositories for pirated manga works.

According to the publisher, the content contained in the sites – ssl.axax.cloud, ssl.advx.cloud, ssl.akkx.net, ssl.sdox.cc, ssl.standardcdn.net, ssl.lsh.buzz, ssl.appx.buzz, ssl.asiax.cloud, ssl.appsx.cloud – were indexed by Mangabank.org, an extremely popular manga downloading resource that until recently enjoyed in excess of 81 million visits per month.

Mangabank Disappears

The application, which seeks the help of both Google and Hurricane Electric to identify the people behind the domains, is yet to be granted. That being said, a major goal of Shueisha already appears to have been fulfilled. At the time of writing, Mangabank and the associated domains listed in the discovery application are all down and presumably out.

It seems logical to link the legal action with the disappearance of the connected services but, according to someone who communicated with TorrentFreak from an email address registered with one of the affected domains, something else could have played an important part.

Earlier DMCA Subpoena Forced Cloudflare to Hand Over Information

In March this year and well in advance of the recent discovery request, Shueisha sent Cloudflare a copyright infringement complaint containing a laundry list of infringing content, all of which was reportedly stored on the domains listed above. The publisher asked Cloudflare to “immediately disable access” to that content but whether that actually happened is unknown.

Within days, Shueisha followed up with a DMCA subpoena application filed at a California court. The company provided a copy of the copyright infringement notice sent to Cloudflare and demanded that the company hand over “information sufficient” to identify the persons infringing its works so that Shueisha could protect its rights under the Copyright Act. The DMCA subpoena was issued by the court on April 5, 2021.

Mangabank’s Cloudflare Protection Compromised

Last week in the wake of the most recent discovery request, Mangabank went down. It initially cited maintenance issues but in an email to TorrentFreak sent from one of the domains obtained via Hurricane Electric, someone connected to the site claimed that its ability to protect itself from attacks had been compromised.

According to the source, the earlier DMCA subpoena resulted in Cloudflare handing over its backend server IP address, an address that had previously only been known to people within the team. That is a simplification, of course, since the address was also known to Cloudflare but with the handover of information, the address potentially became available to an unknown number of additional entities too.

What followed in recent weeks was a sustained DDoS attack on its backend server, the source added. The attack was allegedly traced to AS9370 SAKURA Internet Inc. and had a peak value of ~50Gbps/s.

Certain additional claims relating to the source of the attack were also sent to TorrentFreak but after we sought additional evidence, none of which was provided by the person connected with the operation, we feel it’s inappropriate to repeat them here.

What we can say is that the source believes that if Cloudflare had not shared the IP address, the attack would not have happened. While that remains a question for now, a plausible explanation of how the IP address may have entered the public domain could lie in documents presented to the court as part of the most recent proceeding.

A declaration filed with the court by Shueisha (pdf) contains a copy of Cloudflare’s response to the DMCA subpoena filed earlier this year. Among other things, it contains IP addresses, email addresses, and login times related to the domains and user Shueisha is trying to track down. If one of those IP addresses was subjected to a DDoS attack, the necessary information was made available through the court.

Mangabank Appears to Have Operated From China

With Cloudflare’s protection now gone, searches on Mangabank’s main domain now lead to an IP address located in China. That is not a surprise. Shueisha’s most recent request for discovery revealed that when Cloudflare handed over information in response to the March DMCA subpoena, one of the IP addresses was indeed linked to China.

Obtaining discovery from China wasn’t an option though since, under the country’s e-commerce laws, telecommunication companies and access providers can’t be compelled to disclose the identifying information of internet service users. That’s why Shueisha took its discovery requests to the United States, which at least to some extent, appear to have proven fruitful.

Whether the apparent demise of Mangabank and associated entities will have any effect on Shueisha’s legal strategy moving forward remains to be seen but the company recently said it would file a lawsuit in Japan or potentially in China against whoever is behind the operation.

From: TF, for the latest news on copyright battles, piracy and more.

Source :

Mangabank “Suffers DDoS Attack” & Disappears Following Legal Action