Black Hat Briefings


Thousands of uTorrent Accounts Available on TheRealDeal Market

utorrent-hack
initial breach is being sold by a user named “doubleflag” for $600. Doubleflag’s listing contains emails and passwords for 394,769 uTorrent forum users.
In June 2016, a security alert was issued by the uTorrent team in which they strongly advised the members of the forum to practice good personal security practices and modify their passwords following a breach of their database.
What they omitted to bring to light is the fact that the breach had occurred about six months ago in January.
Your TOR usage is being watched
After the security alert, little more information was divulged concerning the issue and slowly it was pushed to the back burner.
Fast forward to September and the repercussions of the security breach, of which the magnitude had not been revealed in the security advisory, have begun coming back to the clueless uTorrent users in the form of close to 400,000 compromised uTorrent accounts that have just been availed for purchase on TheRealDeal Market.
Breached Database Going for $600 on the Dark Web

Nearly 400,000 uTorrent Accounts For Sale On TheRealDeal Market
Nearly 400,000 uTorrent Accounts For Sale On TheRealDeal Market
A user known as “doubleflag” is apparently selling the breached database for $600 on TheRealDeal Market.
According to reports from HackRead, doubleflag is in possession of the sensitive information for 394,769 uTorrent accounts which include email addresses and passwords for each all of which are available on TheRealDeal Market.
His listing also contains passwords encrypted with the Secure Hash Algorithm 1 (SHA-1) while some possess the much weaker MD5 hashes.
uTorrent’s Security Alert Issued Too Late
TheRealDeal Market vendor doubleflag confirmed that indeed the data was obtained during the first security breach which occurred in January 2016, according to TorrentFreak.
The ill-timed security alert from uTorrent has raised more than a few questions, however, seeing that it came six months after the initial breach, albeit some figures might be a tad off the mark...
Security site Haveibeenpwned also confirmed that the data breach responsible for the accounts on sale on TheRealDeal Market took place in January. Amidst claims that uTorrent had no clue when the data leak occurred, it is worth mentioning that they did not indicate that the data leak had occurred in June.
The omission of the information concerning the exact timeline of the breach, however, remains a pertinent matter.
The Security Advisory
BitTorrent was only made aware of the security breach involving the vendor which powers its forums on June 6, months before the compromised information was put on sale on the dark web.
They explained that the breach could have stemmed from one of the vendor’s other clients and that it made their forum vulnerable and allowed hackers to access sensitive information from other accounts.
Following the breach, the hackers downloaded a list of its forum users which then posted for sale on TheRealDeal Market.
uTorrent claimed to have been taking emergency security measures where they made backend alterations that removed the vulnerability posed by hashes in the file.
Apparently, they were continuing to follow up on the matter to gauge the amount of information that was compromised...
In light of the events, they advised their forum users to consider changing their passwords entirely.
They went on to confirm that user accounts with hashed passwords had been considered compromised despite the fact that passwords are not liable to be used as attack vectors on the forum.
They touched on users who use similar passwords for different accounts saying that they were strongly advised to use new passwords as a measure of good personal security practices.
For the uTorrent users whose information is on sale on TheRealDeal Market, there is not much that can be done to reverse the damage of the data breach. The best way forward according to security experts would be to ensure that the compromised password is not in use across other platforms and websites.
Despite the ill-timed nature of the security alert, one cannot fault their call to practice good personal security practices from here on out.

Comments

Post a Comment

Popular posts from this blog

Dark Web Enables Easier Access to WMDs

Image
Dark Web Enables Easier Access to WMDs The UN’s Head of Disarmament Affairs raises concerns over the dark web, specifically how it has made it easy for terrorists to access WMDs. The head of the UN’s Disarmament Affairs, Izumi Nakamitsu, has expressed concerns over the potential availability of weapons of mass destruction (WMDs) on the dark web. According to Nakamitsu, the deluge of weapons and technology that is available for purchase or hire on various dark web markets makes it a lot easier for terrorists and other non-state actors to get their hands on dangerous WMDs. A well-visited criminal hotspot, the dark web is known for its underground marketplaces where illegal goods—both digital and physical—are bought and sold using cryptocurrency. While the majority of dark web markets, sites and forums generally have low entry barriers, a few require a more exclusive, invite-only membership to gain access to. Nakamitsu’s chief concern is the threat terrorists c...
Keep reading

Some of the Biggest Hacks Ever

Image
Some of the Biggest Hacks Ever Biggest hacks ever occurred in our modern day history A lot has happened in the cyber world over the past decade, and a lot more is still going on. Below is a list of some of the biggest hacks that have occurred in modern day history, and their corresponding impact on both parties of the attack. 1. WannaCry Just recently, the world witnessed a widespread ransomware attack that hijacked some high-stakes entities, which involved government institutions, multinationals, private companies and many more. When the virus took control of these systems, it would demand payment of $300 USDin the form of Bitcoins, to be delivered over a span three days. Failure to pay the ransom within the said number of days would make the required payment double to a sum of $600USD. And after a duration of six days, and no payments were made, then the files would be automatically deleted from the system. The virus caused a major shakeup for the affected enti...
Keep reading

Black Hat Briefings

Image
Messaging App Kik Launches Its Own Cryptocurrency Messaging app Kik just announced that it would be launching a new cryptocurrency called Kin, to be used to buy digital services within the app. On May 25, Kik Interactive announced that the firm would be introducing its own cryptocurrency, which will enable users to purchase digital services on its platform. Messaging app Kik just announced that it would be launching a new cryptocurrency called Kin, to be used to buy digital services within the app.Kik Interactive is behind the “Kik” messaging service based in Canada. The free messaging and chat app, founded in 2009, is geared towards a teen demographic......... It boasts of around 300 million registered users. The proposed cryptocurrency is called “Kin,” a short form of Kinship or community. The plans to launch the cryptocurrency are currently underway and the company’s officials expect the system to debut sometime this year. The firm did not reveal how ...
Keep reading