thank you bithdtv for storing my password in an unencrypted txt file. im really glad i can see others passwords too.
if you have a bithdtv account, please post in this thread with your email address and let us know if you have a paypal account. i want to put these passwords to good use, thanks.

i hope this has nothing to do with the multiple sct accounts you are giving away in the invite section.
you are giving away some really nice accounts, i hope they were all yours.:)

if he does, they will be disabled soon anyway i guess

lol

Everyone who has account in Bit-HDTV, please change your pass EVERYWHERE. A lot of your guys info is clearly visible in the Internet :(

How do you know all that? How can someone access others' passwds?

I had to recover my passwd since it didn't work!
Do you think a hacker caused all that?

Whoever was on Bit-HDTV IRC at the right time saw that file :|

Recover was for safety reasons to change yer pass.

it's obvious he must of seen this, he has given away, and is still giving away too many accounts for all them to be his.

^ I was thinking the same thing :|

the funny thing is someone stole one of the accounts lol

I just signed up few days ago... Not workin' for me... Really strange...

^ You have to use 'recover'

ok ..that was really fucked.
i personally thank the original poster cause there was a big chance of not knowing it until if he didnt existed...

bit hdtv fags...pretty poor all the effort you did with the new stylesheet and the whole coding issues.
FU.

Seriously? Is there proof, I just had to reset my PW.

rotlflmao.
im having the list in front of me with thousand username passes dude...
thats totally fucked up.

i just feel sorry for guys WHO WONT find it out soon...and have same paypal passwords.
:(

Either way, using stolen account information, at least here in the US, is a federal crime, even if it is to just a downloading site. It is considered a form of identity theft, and has some pretty stiff penalties.

im such a dumbass i used the same password here as i did on bithdtv

dont blame tottaly your self...
ok ...its a little bit foolish...
but we couldnt know there would be so many idiots to trackers' staff...
fortunately i dont have the same pass no where cause i had bad issues before a year :/

so its a good thing you got hacked into then and now you are smarter
hangemhigh is going to learn his lesson now :)

Either way, using stolen account information, at least here in the US, is a federal crime, even if it is to just a downloading site. It is considered a form of identity theft, and has some pretty stiff penalties.

I'm sure the fbi is on the case :lol: I hope you realize that downloading copyright files in the US probably has worse penalties.

I have no idea why these sites don't stay on top of the latest exploits. They should at least use some sort of hash instead of plain text.

lol i just realized that a ton of people here could be arrested for using stolen account info on sites... so nice job anyone who got an account from mforcex

If i obtain a new account i use always recover.php and reset my password and then i have for each tracker unique password, which i can find in my mail :) It is easy and comfortable :)

ermmm..k good for you.
but believe...if a kiddie targets you...there is no fucking way to avoid him.
trust me :P

idiots, grrrrrr took me FOOOOOOOOOOOOOREVER to reset my passwords

Does the list have peoples email as well?

If this happens on any trackers can it be reported here? That is not cool! Even though i am not a member, i cant belive that can happen? Heard it was very secure!

Does the list have peoples email as well?
doesn't matter, once you log into the account
the emails in the profile.

Does the list have peoples email as well?

No it did not. Just username and passwords. Unfortunately many people use the same password on every account :/

here is the .txt file there are funny passwords there hahaha

I just saw the list and was amazed by the easy passwds that most users use.

A lot of them prefer the: "123456" or "123123" passwd!:wank:

[quote=terrorize;2203837]here is the .txt file there are funny passwords there hahaha


are you going to post this everywhere, i'm sure you have created more damage by showing this here.

Cmon everyone changed it already.
but as you say i changed it :)
its even posted on hdbits.

ppl just be smart and change ur passwords right now and never repeat the pass on any tracker

Shocking news really ,i also don't know how a site like HDbits allow the whole text to be posted in his forums? someone should delete for member's security

Is it Bit-HDTV or HDBits? Or both?

1. HDBits was hacked a while ago, but nothing has leaked, because passwords were hashed.
2. Logfile with usernames and passwords generated by login.php was stolen from Bit-HDTV. Accounts are being stolen everywhere (see mforcex and TorrentHaxor threads).

no wonder I can't login :(

Thanx Sir! Just people mix up the two sites, that caused me being puzzled.

1. HDBits was hacked a while ago, but nothing has leaked, because passwords were hashed.
2. Logfile with usernames and passwords generated by login.php was stolen from Bit-HDTV. Accounts are being stolen everywhere (see mforcex and TorrentHaxor threads).

bit-hdtv staff is really disqualified from torrent scene. they have to quit their job!

mhm.. bad news.. i hope somehow this should be fixed... did they really see my pass? i really don't understand what will be and why in almost all my trackers acc i see: your username or password is incorect... why i should everywhere change the pass?

1. HDBits was hacked a while ago, but nothing has leaked, because passwords were hashed.


you do not know that... and neither do i.. according to the masspm sent, he/she was not interested in the users.. that does not say anything about how passwords where stored...


never assume what u cant prove

1. HDBits was hacked a while ago, but nothing has leaked, because passwords were hashed.


you do not know that... and neither do i...


never assume what u cant prove

I trust HDBits staff, although i trusted BitHDTV staff as well and they failed miserably. So maybe someone has lost accounts back then.

this was in ScT and other trackers too? i don't understand why i see this: your username or password is incorect... in almost all trackers which i use..

this was in ScT and other trackers too? i don't understand why i see this: your username or password is incorect... in almost all trackers which i use..

u were on the list that published .... your account were hacked
whats your username....?

i recover my pass and now i have another pass.. but so i should change pass in all trackers which i use? All trackers were hacked? i use a lot of trackers and i don't want to lose them...

this was in ScT and other trackers too? i don't understand why i see this: your username or password is incorect... in almost all trackers which i use..

I guess you used the same username/password for all your accounts :cry:
Try the password recovery

of course i will try.. in ScT i use another username but the same pass... but i also got this what i said that username or pass is incorect.. i don't understand at all what happened..

of course i will try.. in ScT i use another username but the same pass... but i also got this what i said that username or pass is incorect.. i don't understand at all what happened..

Maybe someone bruteforced the site using sct's userlist and passwords of bithdtv members
This way even if you don't use the same username your account may be stolen

thnx for help.. my acc in ScT isn't stolen.. and i really hope that in all tracker which i use accs will not be stolen.. :(

change the password, BTW i found accidentally the list :)

i really hope that in all tracker which i use accs will not be stolen.. :(

If you used the same username and password on every account then they were more likely hijacked. Try to recover your password asap and hope no1 changed the email address on the account
:O

I havent logged to this site from last year i want to check it out if my username & password appear in the list can someone PM me the list pls

I think that there is a very issue for all trackers now.
A lot of people are on vacation and they probably have no clue that their accounts were stolen...

I am surprised why most of the trackers don't send a confirmation email to the old account when you try to change your registered email...
This is something that all the trackers should take into consideration DV8type.

Some have already disabled the option of email change.

I am surprised why most of the trackers don't send a confirmation email to the old account when you try to change your registered email...

Some have already disabled the option of email change.

I completely agree w/ you. We have had a hold on email changes for a while.

Unfortunately, some new trackers start up with the express intention of stealing usernames/passwords from unsuspecting users. Its funny, when ever there is a “New Tracker” thread in the invite section (warezbroz, etc.) people are greedy and jump in without much thought to the consequences. As you see not every tracker has good intentions. You never know, the next tracker you sign up on might even be set up by MP@@ or RI@@. There have also been many spoof websites popping up aswell.....
:cry::cry:
:blink::wacko:

We have had a hold on email changes for a while.


People do lose email accounts, therefore some way to change email is needed. Examination by a staff member, IP address check script etc.

I think that all the trackers should warn their users to change their passwds in case they were also BitHDTV members and use the same passwds on all sites.

I haven't seen a friendly reminder on any tracker so far!
Not even on BitHDTV, where they should have made an announcement of the risks they have put their member in...

Not even a single apology! Just a "Passwords were reset."...
A lot of people may believe that they are secure know or nothing really happened!

Can someone pls PM me the list to check if my username appear there, before i use the same password in one of my main email i used also in hdtv-bits.

the whole BitHDTV userbase was hacked Ac3Dunk.

-Never use the same passwd on your various trackers
-Never use the same passwd on your registered email with your tracker's passwd.
-Always use a strong passwd with every possible combination like that: 225#Vv#&(*.&*#?>>?24+_})!#*_%GJL[KG.Dd^^
-Store your passwds in a passwd protected file in a USB stick and use it only when you need it. Don't store it in your hard disk!
-Change your passwds periodically.

So, change your passwds ASAP!

-Store your passwds in a passwd protected file in a USB stick and use it only when you need it. Don't store it in your hard disk!


What if you loose the password to your passwords?

the whole BitHDTV userbase was hacked Ac3Dunk.

-Never use the same passwd on your various trackers
-Never use the same passwd on your registered email with your tracker's passwd.
-Always use a strong passwd with every possible combination like that: 225#Vv#&(*.&*#?>>?24+_})!#*_%GJL[KG.Dd^^
-Store your passwds in a passwd protected file in a USB stick and use it only when you need it. Don't store it in your hard disk!
-Change your passwds periodically.

So, change your passwds ASAP!

In that case it wouldn't have mattered whether he had "123456" or "225#Vv#&(*.&*#?>>?24+_})!#*_%GJL[KG.Dd^^" as password

I agree with the two first points, but then it's for the paranoid :P
Even a 8-10 letters pass will do, as long as it's not a common word...

We have had a hold on email changes for a while.


People do lose email accounts, therefore some way to change email is needed. Examination by a staff member, IP address check script etc.

I lost my email account once, but then i found it under the couch!:P

The best is have one email address with all account details and good password. My advice is: Use for every account /recovery.php script and you will have everywhere unique password and will have stored the passwords in your mail...

does anyone know if the issue has been resolved? or will the new batch of accs and recently-changed pws be available again unencrypted? If so, I don't want to waste my time with this tracker...:dry:

because of their stupidity, I have now lost my sct and finbytes account :(
the mail was stolen aswell :(!!!!!

^Shit mate I feel really sorry for you. Hopefully someone will help you, whoever can.

but what can i do??

can't log on to irc to talk to stff either :(

STOP REQUESTING THE.txt FILE!!!!
DO NOT PM ME ANYMORE!!!!

bit-hdtv is dead to me...

Bfietta how did they take your mail as well?
Have you been using the same username and passwd for all your trackers AND email? :fear2::w00t::blink:

How could they also know your 3pin finbytes code?

because of their stupidity, I have now lost my sct and finbytes account :(
the mail was stolen aswell :(!!!!!be fair to yourself. if you used the same passwords on those accounts then it serves you right.

because of their stupidity, I have now lost my sct and finbytes account :(
the mail was stolen aswell :(!!!!!be fair to yourself. if you used the same passwords on those accounts then it serves you right.
j0hn13 = mforcex?
hmmmmm??

you should NEVER use the password for your email on torrent sites, that is just plain stupid. I have several different and strong passwords for my main email,paypal etc etc

STOP REQUESTING THE.txt FILE!!!!
DO NOT PM ME ANYMORE!!!!

You shouldn't have put it in the first place :rolleyes:
You can always list the nicks of those who asked you for that file, most of them are probably account stealer wannabees :P
(seriously you could do that)



be fair to yourself. if you used the same passwords on those accounts then it serves you right.
j0hn13 = mforcex?
hmmmmm??

I think he just reacted on the "because of their stupidity"

be fair to yourself. if you used the same passwords on those accounts then it serves you right.
j0hn13 = mforcex?
hmmmmm??

I think he just reacted on the "because of their stupidity"
Yes, I just reacted to "because of their stupidity" and I'm not j0hn13 = mforcex. My username and password was on that list, but I don't care. I use unique password for every site and not like somebody I do not complain. Shit happens. Also I've seen people who complained that they lost their accounts or ratio because of this. But they joined the site after the leak.

i question the comprehensiveness of the list. i joined before the leak, however my acc name wasn't on the list :huh:

i question the comprehensiveness of the list. i joined before the leak, however my acc name wasn't on the list :huh:
This list was after all a custom log file and no user-database, at least that's how the picture was painted in the internal BiT-HDTV forums. It's possible that your login data didn't make it into the log for some reason.

does anyone know if the issue has been resolved? or will the new batch of accs and recently-changed pws be available again unencrypted? If so, I don't want to waste my time with this tracker...:dry:
The "issue" was resolved several months ago, the list is several months old. If people aren't in the list, it's probably because they joined less than 2-3 months ago.

According to the site staff, it's not known whether the code to log the passwords was put there by an ex-staff member or by a hacker. Either way, it was added nearly a year ago.

And for all of yous wondering/complaining why the site doesn't use the standard MD5 hashes in TBSource or store passwords as hashes, it does. This list was generated by malicious code logging everything entered on the login page.

Should I delete my BitHDTV account?

No, I joined less than a month ago and I am on the list. The list was still being added to up until july 27th. The list was formed basically by snooping EVERYTIME someone logged in, and writing their login info to a txt file before it was encrypted. There are several logins from the same people on the list which is evidence of this. Also, the list needs to be made REAL public, so that people know to change their shit.

No, I joined less than a month ago and I am on the list. The list was still being added to up until july 27th. The list was formed basically by snooping EVERYTIME someone logged in, and writing their login info to a txt file before it was encrypted. There are several logins from the same people on the list which is evidence of this. Also, the list needs to be made REAL public, so that people know to change their shit.
Agreed... I'm a member and I want to know if my shit got out there... :(

If anyone wants to know if their password was leaked, PM me and I will check. I really want the list to get out there, but on the other hand I would like if a version with the passwords half blurred out was released instead of releasing everyones login info. The list I have has full login info for thousands of people, and that is kind of sensitive info.

BTW, jkoz, you are on the list, a LOT.

Wonderful... hopefully this wont happen again :frusty:

Well, it's a mute point anyway. The list is still linked and available in the BiT-HDTV forums, which is, as you indicated, both a blessing and a curse. I was glad to see with my own eyes that my account data was missing .. because even though I try to use different names or passwords, there had been one or two possibilities up until today.

At last one official announcement and apology...
Better late than never... :whistling


We were hacked, just before the opening of the new site. We had planned to reset all passwords as soon as we launched BiT-HDTV v2, but unfortunately because we had a lot of other things to do, that this was mistakenly forgotten. It's not completely sure if it was something planted by a former coder or hacker resulting in this exploit, so it is not known for a fact if someone was actually abusing this. Passwords reseting was scheduled on this weekend, but yesterday dtg295 decided to spread all passwords through the net. That's why we reseted passwords yesterday. We are sorry for the inconvenience.

P.S. We have freeleech till weekend.

I first noticed the hack when after downloading a torrent one leecher kept uploading to me. At first I didnt think nothing of it. Three hours later I was concerned when I wasm still downloading from that user. I immediately blocked the ip address and informed the staff. A day later the same IP addrees was continuously trying to gain access to my PC. I changed my IP addrees and havent seen the hacker since. Hopefully the @zzhole shows up again, I have a little suprise for him.

lol, real sad.....they dont know who, what, when.....and people are still using that tracker?

@DV8 agreed, but I think it's the end for BIT-HDTV how could anyone trust them after this. I wouldn't have been affected if they did steal my password becuase I use a different one for everything but was pleased to see I'm not on the list none the less. It's the breach of trust due to their incompetence or worse maliciousness that is just unforgivable.

Well, it's a mute point anyway. The list is still linked and available in the BiT-HDTV forums, which is, as you indicated, both a blessing and a curse. I was glad to see with my own eyes that my account data was missing .. because even though I try to use different names or passwords, there had been one or two possibilities up until today.

those forums aren't the only place. I did a little creative googling and found it right away. A publicly-posted version with removed pw's would be a good idea just to get the word out to the unfortunate.

A publicly-posted version with removed pw's would be a good idea just to get the word out to the unfortunate.
Their is one out there and will ask if i can post it.

would be nice to see the list, to see if my name is on it :P

would be nice to see the list, to see if my name is on it :P

MaAiFu (http://filesharingtalk.com/vb3/members/maaifu-161973) is not! :noes:

List:
http://filesharingtalk.com/vb3/f-bittorrent-43/t-bit-hdtv-list-220224

^^^ Incomplete list.

I could compile a more comprehensive list but I don't have the txt.