Administrators of the uTorrent forums have published a security advisory on their site, alerting users of an intrusion into their forum database that allowed an unknown attacker to steal details about their users, including password hashes.
is a BitTorrent client, the most popular one today, which was created by Ludvig Strigeus and then acquired by BitTorren Inc. Just like any software application, the developer team runs a forum on their site where users can make requests, read announcements, or get in touch with the developers or each other.
Two days ago, on June 6, the uTorrent team announced an intrusion into their forum, of which they were made aware by their forum software vendor.
uTorrent runs an IP.Board forum on the cloud-based service provided by Invision Power Services.
The vendor informed them that one of their clients suffered a breach and that the attacker escalated his access to other Invision customers, including uTorrent’s account.
uTorrent recommends forum users to reset passwords
The company told uTorrent that the attacker downloaded user information. It is yet unknown what type of data the attacker accessed and downloaded, but the uTorrent team is considering all passwords compromised, even if these were hashed to protect their content.
“As a precaution, we are advising our users to change their passwords. While the passwords may not be used as a vector on the forums, those hashed passwords should be considered compromised,” a part of thereads. “Anyone using the same password for forums as well as other places is strongly advised to update their passwords and/or practice good personal security practices.”
The uTorrent forum has more than 385,000 registered users., Invision Power Services introduced a security update for the IP.Board forum platform, but it is currently unknown if this was the attacker’s entry point.