Information wants to be free indeed…
In an unprecedented data breach, tens of thousands of usernames and passwords from large private BitTorrent tracker RevTT have been leaked onto the Internet. The attackers, who call themselves Afghanistan Hackers, leaked the user/pass combinations via The Pirate Bay. The initial response from RevTT was to censor all discussion of the data breach, even as hundreds – possibly thousands – of accounts were being used without their owners’ permission.
RevTT is short for RevolutionTT, a private BitTorrent tracker that was founded around 6 years ago with a reputation for indexing a wide range of content. It is unclear exactly how many users are on the site since its operators appear to hide stats from regular user view. However, all the indications suggest that there are at least 40,000 and very probably tens of thousands more.
While the ‘hackers’ claim to have the entire RevTT database along with 50,000 user/pass combinations, the text file uploaded by Afghanis actually contains around 19,000 pairs.
Very quickly people who had downloaded the torrent started logging into RevTT using not only regular accounts but those of so-called VIPs who have access to exclusive sections of the site.
While some undoubtedly decided to grab whatever content they could, others carried out other activities including sending out invitations to people who aren’t already members. Worse still, all details of the compromised accounts were available to the intruders including email addresses, statistics and all activity associated with the accounts.
Needless to say, if users maintained the same username and password on other sites their accounts elsewhere immediately became vulnerable. Judging by the number of users who used the word “password” as their password, the chances of major screw ups seems high.
After trying to alert site staff, TorrentFreak watched as panicked users (don’t worry, it’s just a copy) learned of the breach and posted their concerns in the forums, begging site staff for information. Site staff responded by quickly removing all discussion of the breach, banning the accounts of people posting in the thread.