The administrators of the RevolutionTT (RevTT) private torrent tracker issued a statement to let their customers know that the site was not hacked. They revealed that the website and the tracker were taken offline as a precaution measure after operators learned of Afghanistan Hackers’ claims.
According to RevTT representatives, the attackers may have leveraged a cross-site scripting (XSS) flaw to collect the credentials.
“At this time there is no reason to believe the site, tracker, or any RTT servers were compromised. A thorough investigation was launched and we have determined that the site is secured and was not hacked,” they stated
“There are some theories, one of them and the most logical being there may have been a XSS (Cross site scripting) vulnerability that was being utilized against RTT users before HTTPS browsing was forced on the tracker some years ago.”
They highlight the fact that many of the accounts from the dump are duplicates, and that many of the passwords are missing or old. The accounts that have been accessed using the leaked details have been “looked at and addressed as needed.”
“Passwords are NOT stored in clear text and never have been. Your account is secure. Your IP address(es) are secure. Your e-mail address is secure. No information was leaked from RTT directly,” RevTT staffers explained.
To prevent unfortunate situations, all user passwords have been reset, customers being required to change them by using the password recovery feature.
In order to avoid the use of downloaded torrents by unauthorized individuals, the passkeys have also been reset. Furthermore, all the recently-sent invites have been nullified.
Finally, according to a notification displayed on the site’s main page, another security measure has been set in place. Users will no longer be able to browse the website via http
, from now on all communications being protected by a secure SSL/https connection.