Some of MegaUpload's file-sharing websites, once seized by the Feds, are now serving up porn and allegedly malware – after Uncle Sam's finest failed to renew one of its own domains.

Netizens surfing to two of the five ex-MegaUpload sites are greeted with a page containing multiple links to malware downloads, a fake BBC article advertising cheap iPhones, and so on, apparently.

The issue stems from the loss of the cirfu.net domain, which was used to host the FBI's name servers. CIRFU stands for the Feds' Cyber Initiative and Resource Fusion Unit. Once upon a time, the cirfu.net servers pointed domains, such as the seized MegaUpload sites, at FBI-controlled websites.

At some point, the FBI failed to renew its ownership of the domain, and cirfu.net was sold off to a self-described "Black Hat SEO" specialist who said he purchased the domain from GoDaddy at auction.

That gave the new owner of cirfu.net control over the seized domains, such as the collared MegaUpload sites.

Serves me right for buying expired domains from the Fbi. http://t.co/h6s6L1tVfO is the domain in question. Google that bitch. — Earl Grey @ Syndk8 (@syndk8) May 25, 2015

The FBI seized MegaUpload domains in 2012 as part of a criminal investigation into MegaUpload and its founder Kim Dotcom. Though his business has been dismantled and his assets are frozen, rotund Dotcom has yet to appear in a US court as he fights extradition from New Zealand. He faces a deportation hearing next month.

The founder of the MegaUpload empire was quick to gloat over the FBI cock-up. ®

The FBI killed #Megaupload and seized our domains. Now they have lost control and http://t.co/9Qud4d8xWp is linking to porn, malware & scams — Kim Dotcom (@KimDotcom) May 28, 2015