A collective called Afghanistan Hackers published a 675Kb file containing the usernames and passwords of thousands of RevTT (RevolutionTT) users. The information allegedly stolen from the private BitTorrent tracker has been posted on The Pirate Bay.
“From Civilized Afghan Socity, of course we do have stupid Talibans also but we do have very well educated people living in beautiful Kabul City. RevolutionTT.Me (RevTT) Database Hacked by Afghanistan Hackers !!! Everyone, login to your favorite account, change the password and enjoy the site,” the hackers wrote next to the file.
“A Special Thanks Goes to the US and NATO for supporting Afghanistan kicking Taliban out of Afghanistan and kicking Pakistani Terrorists out of Afghanistan too,” they added.
Immediately after news broke out, a lot of users started abusing the credentials, logging in to accounts to download content and to send out invites.
You may be wondering why we wrote “possibly hacked” if the username / password combinations do work.
Well, the hackers claim to have published 50,000 credential sets. However, in reality there are only 19,000 contained in the file.
that many RevTT customers are reporting that the information is not fresh. Many users state that the passwords from the leak are their old ones, which they changed some time ago.
Furthermore, a close analysis of the credential sets indicates that there are just over 8,000 unique combinations. One TorrentFreak reader highlights that the dump contains multiple passcodes for a single username, which indicates that the information has been somehow sniffed during the login process, via malware or phishing.
Moreover, the site’s admins insist that they were not hacked and even started deleting all the forum threads in which users were complaining about the incident.
The fact that RevTT’s administrators claim that the site hasn’t been breached reinforces a theory according to which the leaked details are actually from a database backup, this being a dispute between the tracker’s operators.