uTorrent Forum latest casualty in Hacking Gone Wild

When you open the official uTorrent web forum right now, a security advisory notifies you that forum data has been compromised and that attackers were able to download the forum user list.

Users of the forum should consider passwords used on the forum as compromised even though they have not been available in clear text but as hashed passwords.

The company suggests to update all third-party accounts where the same password has been used, especially if the same username or email address was used as well.

uTorrent Forum

The full announcement reads:

On June 6th, 2016, BitTorrent was made aware of a security issue involving the vendor which powers our forums.

The vulnerability appears to have been through one of the vendor’s other clients, however it allowed attackers to access some information on other accounts.

As a result, attackers were able to download a list of our forum users. We are investigating further to learn if any other information was accessed.Our vendor has made backend changes so that the hashes in the file do not appear to be a usable attack vector.

As a precaution, we are advising our users to change their passwords. While the passwords may not be used as a vector on the forums, those hashed passwords should be considered compromised. Anyone using the same password for forums as well as other places is strongly advised to update their passwords and/or practice good personal security practices.

The announcement highlights that the attackers managed to use a vulnerability on another client of the forum vendor to attack the uTorrent forum indirectly and grab the list of users from the site.

The forum is powered by Invision Power, a company that is offering enterprise services such as managed plans and an enterprise platform that hosts forums.

Additionally, it is unclear currently if other data has been dumped as well.

The uTorrent forum has over 380,000 members according to TorrentFreak, and is visited by tens of thousand of users daily.

Apart from the direct damage caused by the hack, there is also a chance that the data may be used to identify users and link them to posts they have made on the forum.

One possible outcome of the hack could be a series of ransomware / phishing / social engineering emails, for instance emails claiming to have been sent by law enforcement agencies.

The uTorrent Forum hack is just one in a series of hacks that originated in 2016 or came to light when hackers offered huge password databases on the darknet.

Was one of your email addresses or accounts listed in one of the hacks? What did you do to resolve the issue?