Information provided by a torrent monitoring outfit suggests that pirates are linked to places where you don't expect them. To the U.S. Department of Homeland Security, for example, which helped to take down KickassTorrents website a few months ago.

Due to the public nature of BitTorrent transfers, it’s easy to see what people behind a certain IP-address are downloading.

Last month we reported about a new website that puts this information on public display. According to its operators, this information can help rightholders and law enforcement to track down pirates.

In response, we decided to do some field work to see if downloads are also linked to IP-addresses registered to more unusual locations, and the answer is YES.

To the Department of Homeland Security, for example, which helped to bring down KickassTorrents a few months ago. While it’s not a place where you would expect people to be torrenting, the spy tool suggests otherwise.

We could easily spot several IP-addresses that list over a dozen recent ‘downloads’ of copyrighted material. This includes popular films, TV-series and music, but also porn and far more worrying content.

The screenshot below lists an overview of the recent torrents that are tied to a single Homeland Security IP-address. As you can see, it lists several files including the film ‘Gone Girl’ and ‘Bad Santa.’ But we’ve also seen a copy of the film Let’s Be Cops and a discography of the heavy metal band Dio.

A few DHS ‘downloads’



It’s worth mentioning that BitTorrent monitoring tools are regularly discredited for being prone to errors. They often don’t check whether a full copy has been downloaded, for example.

Mistakes also appeared in the ‘I Know What You Download‘ database, which previously listed downloads for several non-routable IP-addresses they picked up via DHT tracking (see update).

However, the company’s Marketing director Andrey Rogov is confident that the DHS IPs are indeed sharing (parts of) these files (see update).

“These reports are accurate,” Rogov tells us. “They contain information about the downloading or distribution activities of IP-addresses, for all torrents which we could classify for the last 30 days.”

The company also provided us with extra information showing combinations of specific ports and IP-addresses, which refutes the defense that a tracker added these IP-addresses as fake data.

Since Homeland Security employs more than 230,000 people, finding a pirating IP-address is hardly a surprise. In fact, there are many more in the ‘I Know What You Download’ database. This is also true for other United States Government branches.

Take The House of Representatives, for example, where adult material, Snoop Dogg, and several movies are listed as recent downloads. Again, that’s just the tip of the iceberg.

A few House downloads



In the end, the most sensible conclusion is that you’re going to find pirates in any large organization or institution. Even in the very place that just dismantled the largest torrent site on the Internet.

Update: It appears that the DHS IP-addresses we included in this report are no longer routable. It’s unclear whether they were at the time the downloads were reported.

In any case, technically it’s always possible that they were spoofed or otherwise inaccurate.

Update: The tracking company was also unable to get a recent TPC dump from the DHS IP-address. We therefore can’t verify the accuracy of the reported “downloads.”