Pierluigi Paganini June 08, 2016

The μTorrent team announced its community μTorrent forum has been hacked. Hundreds of thousand records belonging its users have been exposed.

Are you a Torrent user? Are you one of the users of the popular μTorrent Forum? You might be in trouble because the μTorrent Forum was hacked.

μTorrent is one of the most popular BitTorrent clients, the μTorrent website accounts for more than 150 Million monthly active users. The μTorrent community forum that has over 388,000 registered members and it is visited daily by tens of thousands of users.

The news was confirmed by the μTorrent team that announced its community forum have been hacked. Hundreds of thousand records belonging its users have been exposed, including personal details and hashed passwords.

The μTorrent team urges the members of the community forum to change the password immediately, according to the official statement released by μTorrent hackers have exploited a vulnerability in one of the vendor’s other clients.
“On June 6th, 2016, BitTorrent was made aware of a security issue involving the vendor which powers our forums.
The vulnerability appears to have been through one of the vendor’s other clients, however it allowed attackers to access some information on other accounts.”

“As a result, attackers were able to download a list of our forum users. We are investigating further to learn if any other information was accessed.Our vendor has made backend changes so that the hashes in the file do not appear to be a usable attack vector. As a precaution, we are advising our users to change their passwords. While the passwords may not be used as a vector on the forums, those hashed passwords should be considered compromised. Anyone using the same password for forums as well as other places is strongly advised to update their passwords and/or practice good personal security practices.” reported μTorrent. 

It is not clear at the moment which is the third party software involved in the incidents, the colleagues from THN highlighted that in case the software is Invision Power Board, then many other popular discussion forums might have also been hacked.

“μTorrent and other BitTorrent forums are also using Invision Power Board software and if the unnamed vendor in question is Invision Power Services Inc., then hundreds of popular discussion forums might have also been affected.” explained Mohit Kumar, founder of THN.

The μTorrent team is currently still investigating the security breach, at the time  was writing there is no information regarding the exact number of exposed records.

As usual, if you are one of the users of the popular forum change your password now, and change the password also on all the other websites where you shared the same login credentials.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – μTorrent Forum Hacked, data breach)