Külföldi torrent oldalak RevolutionTT | RevTT News

A témát ebben részben 'Torrent oldalak hírei' Dark Angel hozta létre. Ekkor: 2012. szeptember 21..

  1. Dark Angel / Guest

    On 2012-09-18 at 22:00 GMT RTT Staff was notified that it was a potential target of the hacker group “Afghanistan Hackers”

    As soon as our Sysops became aware of this issue the site and tracker were taken offline as a precautionary measure.

    At this time there is no reason to believe the site, tracker, or any RTT servers were compromised. A thorough investigation was launched and we have determined that the site is secured and was not hacked. There are some theories, one of them and the most logical being there may have been a XSS (Cross site scripting) vulnerability that was being utilized against RTT users before HTTPS browsing was forced on the tracker some years ago.

    Of the accounts listed many were duplicated in the list, had no passwords, were old passwords and even disabled/inactive accounts. We do know very few accounts were accessed and the accounts in question have already been looked at and addressed as needed.

    Passwords are NOT stored in clear text and never have been.

    Your account is secure. Your IP address(es) are secure. Your e-mail address is secure.
    No information was leaked from RTT directly.

    We understand some accounts were accessed due in part to passwords that have not been changed in a very long time. Any changes in the past 24 hours have been rolled back and our Sysops will be actively monitoring activity on the tracker.

    With this incident what does this mean for our users?

    All users are being required to change their passwords. Please use the password recovery feature to receive a new password. Please use a password that is unique to RTT. Please be patient in getting the password reset email as alot of people will be doing this! This "attack" may have targeted other websites. It is recommended that you do not use the same password that you use on RTT on other websites.

    All passkeys will be reset with this password change to avoid use of downloaded torrents by unauthorized users. You will need to update your passkey on any existing torrents or simply re-download the torrent file.

    Any invites that were sent out recently are null and void. If you invited someone you will need to re-invite them.

    If you notice the following please notify staff immediately via IRC

    * Invitee list contains users you did not invite
    * Your ratio contains irregularities


    If you have any further questions or concerns please let us know and we will help you, please be patient as there are a lot of users asking for help regarding this incident. Our staff is made of volunteers and we help out in our spare time. If you do not get an answer on IRC please use the Contact Staff button on the Staff page and we will reply as soon as we can.

    Long live the Revolution!!
    -RTT Staff