Slashdot Mirror

← Back to Stories (view on slashdot.org)

uTorrent Forums Hacked, Passwords Compromised (torrentfreak.com)

Posted by msmash on from the another-day,-another-hack dept.

Popular BitTorrent client uTorrent's forum, which has over 388,000 registered members and sees tens of thousands of visitors each day, has been hacked. TorrentFreak reports: The uTorrent team was alerted to the issue by one of their vendors earlier this week. While the vulnerability didn't originate at the uTorrent forums, it was indirectly compromised. "The vulnerability appears to have been through one of the vendor's other clients, however it allowed attackers to access some information on other accounts. As a result, attackers were able to download a list of our forum users," uTorrent writes. The security alert is posted in the forums but as far as we know users haven't been notified individually. There is no mention of the massive security breach on uTorrent and BitTorrent's social media accounts either.

25 comments

  1. Nice of them not to notify users directly by gorbachev · · Score: 1, Insightful

    No notification from them in my email box.

    I don't visit their forums daily, so a flash message on their forums isn't gonna do me any good. I suspect a very large majority of the registered forum users are inactive users like me.

    --
    In Soviet Russia, I ruled you
  2. uTorrent is still alive? by Anonymous Coward · · Score: 1

    Ever since they loaded their program with advertising, I stopped using them.

    1. Re:uTorrent is still alive? by basecastula+ · · Score: 1

      Exactly. Once I got turned on to transmission, I never turned bacl.

    2. Re:uTorrent is still alive? by Anonymous Coward · · Score: 0

      Once you go bacl, you never go black?

    3. Re:uTorrent is still alive? by Dunbal · · Score: 1

      I have an older version before the ads, and I keep clicking "no" when it wants to update.

      --
      Seven puppies were harmed during the making of this post.
    4. Re:uTorrent is still alive? by Anonymous Coward · · Score: 0

      Actually, I should even say "Ever since they bloated their micro program with advertising...", since, you know, the "u" is actually the Greek letter mu, which stands for micro (small).

    5. Re:uTorrent is still alive? by Anonymous Coward · · Score: 1

      You know you can just turn off updating in the settings, right?

    6. Re:uTorrent is still alive? by boudie2 · · Score: 1

      Still using utorrent 3.0 - works a charm!

    7. Re:uTorrent is still alive? by Anonymous Coward · · Score: 0

      I hope you do realise that version 3.0 has a remote code execution security vulnerability. CVE-2015-5474

    8. Re:uTorrent is still alive? by Anonymous Coward · · Score: 0

      Why would you bother doing that when you can just click "no" when it wants to update?

  3. I say let them burn by Anonymous Coward · · Score: 0

    uTorrent became ridden with malware and adverts a long time ago. I don't pity them.

  4. Least of your problems by Anonymous Coward · · Score: 2

    If you're using uTorrent I think the forum being compromised is the least of your problems. If you've got uTorrent installed your whole PC is compromised.

    1. Re:Least of your problems by Anonymous Coward · · Score: 0

      Tell me about it. Had it installed on a Windows machine. Uninstalled it. Next boot, back it came. Uninstalled again, removed all references I could find in the registry, all exes I could track down. Rebooted. Back it came. Ended up reinstalling Windows. Fortunately it was a VM that I wasn't using for anythign else, so if it was a malware version doing something nasty it was limited in what it could do.

  5. uGET for the win! (and it's FOSS!) by Anonymous Coward · · Score: 0

    http://ugetdm.com/

    "uGet is a multi-platform app for Linux, BSD, Android & Windows (XP - 8)"

  6. Re:Remember, only APPS can app apps! by Anonymous Coward · · Score: 0

    Since LUDDITE uTorrent used a LUDDITE forum instead of an appy app, LUDDITE hackers could hack their LUDDITE forum in two mouse clicks! If uTorrent used an appy app, then everything would be super appy, and LUDDITE hackers wouldn't have a clue!

    Apps!

  7. I never understood why people join torrenting fora by Anonymous Coward · · Score: 0

    Even when they're not hacked, they're potentially massive honey traps. Suppose the operator of the forum is secretly working for the MPAA, collecting info and biding his time? What if he was an honest pirate, but later changes his mind? What if someone puts political or judicial pressure on him?

  8. Re:I never understood why people join torrenting f by bigfinger76 · · Score: 1

    Networking 101. Pay particular attention to the bit on VPNs.

  9. I know I shouldn't have used my Banking Password by Anonymous Coward · · Score: 0

    on the utorrent forums... now I might get a two factor attempt that I have to ignore

  10. Through one of the vendor's other clients by manu0601 · · Score: 1

    The say they were compromised "through one of the vendor's other clients". Time to talk about could security?

  11. hahahq by Anonymous Coward · · Score: 0

    hahahahahahahahahahahahahahahahahahahah torrenterz and forumz died in a fire. good fucking riddance.

  12. People still use uTorrent? by ocsibrm · · Score: 1

    Honestly after all the adware nonsense and bloat I gave them up a good long while ago. I'm not really sure why anyone would particularly need to use their forums as well. Been using Deluge for at least a year+

  13. hahaha jokes on the hacker by Anonymous Coward · · Score: 0

    he is probably mining bitcoin as we speak!

  14. Re:I never understood why people join torrenting f by Anonymous Coward · · Score: 0

    So what? Neither Torrents, Torrent clients, nor Torrent forums have anything to do with copyright violation.

  15. Re:I never understood why people join torrenting f by Anonymous Coward · · Score: 0

    Copyright infringement may not be the only thing torrents are used for, but to say that they haven't got anything to do with it is a lie and you know it.
    It also doesn't change the fact that if you're a police (or other) agency investigating copyright infringement, and you could use a torrenting forum as a honeytrap, that would help your investigation a great deal. It would get you a list of potential suspects, and for those who after more investigation remain on the suspects list, their participation in the forum can help build a profile to strengthen the case against them.