What.cd, one of the various "replacements" that have sprung up since OiNK's rather dramatic closure has most definitely had it's fair share of problems, multiple hackings of the tracker, injections of RIAA pages, shock pages, all the expected kind of things for a popular site with a security hole.

However, a rather odd twist has befallen the site, after the admins realized that the hacks were coming not from a SQL exploit, but from their backed Database server, which someone appeared to have compromised. So, after moving the database to their main server, they thought their troubles might be over... but as it happens with the internet, they were not.

A user came into their IRC channel to sell the email list of the site, obviously to provoke reactions, and it turns out that he did in fact have a full copy of the database. After eventual discussions, he went away for a while.

Next, a nice email pretending to be from the RIAA came to all users of the site, fairly well forged from the Dutch RIAA offices, but it wasn't quite perfect, and after some work with whoising and looking up users IPs and hostnames, the admins have concluded that the user sending all these emails, and threatening the site, is in fact a 14 year old and his brother, from the United Kingdom.

Read all at ZeroPaid.