Just letting everyone know that nTorrents . Supposedly they have gotten hacked. I'm not staff or anything just a member, so I don't know all the details, and also who knows they might come back.

-------------
* technovert has changed the topic to: NTorrents.net CLOSED | if you have accounts at scenehd or F*N, please change your password

<technovert> no they had hacked ntorrents the first time successfully on july 11th
<technovert> they had administrator level access on the site until July 14th
-------------

They are saying they have found the exploit and have fixed it.. nTorrents is now back up, be cautious though and if you have been to the site in the past week, may want to change your passwords, to be safe.

Never used it but RIP

Didn't they change their name a month or so go? Either way, what's special about scenehd and FtN to warrant a special warning for those users? Doesn't make sense; if passwords were compromised then the warning should be one given out to users regardless of what other tracker accounts they own.

Didn't they change their name a month or so go?

I think the plan was to create a separate tracker from its ashes, which would indeed have a different name:
http://filenetworks.blogspot.com/2010/05/ntorrents-to-shut-down-plans-to-launch.html

I think the plan was to create a separate tracker from its ashes, which would indeed have a different name

Bingo. Of worthy note:


The raffle is currently closed, the eta for PWN is early July-ish and ntorrents invites are closed atm, so #nt-invites isn't being used.

Thanks for the positive write up though, we appreciate it.

So they got hacked right about when they had an estimated time for pulling the plug on the site?

Something smells fishy, and it's not "hooked: Real Motion Fishing." :whistling

They are now saying nTorrents is back up.. found and removed the exploit. Proceed with caution aren't completely sure if there are more. Also people should probably change their passwords.

Yeah. From what we can tell everything is fine as of now. The situation is being monitored closely.

technovert
ntorrents.net sysop

New site should launch very soon, can't promise anything but we're looking at in a few weeks probably.

Analysis of the code of the iframe exploit that was used it attempted to script to ftn and scenehd.org to send invites if you had them. So as long as you were not logged into those sites at the time you visited ntorrents.net within the 3 days the exploit was present you are fine. I recommend people use unique passwords for every site that you visit and use adblock and no script. No script would have prevented this attack if the users had it installed and on. Even if ntorrents.net was whitelisted.

Yeah. From what we can tell everything is fine as of now. The situation is being monitored closely.

Thanks for the explanation. :yes:

You do know who the user is at least, or have a way of getting to him, right? I mean his script obviously lead to a legitimate email address at which he was planning to harvest the invites.

The users involved are well known to other trackers. This is not the first time or the last time they have pulled these stunts. The actual damage is likely minimal if at all because its very unlikely users during the timeframe the exploit was live visited ntorrents.net and executed it while logged into FTN and/or scenehd.org. I do not believe there is any risk to the passwords on those accounts at this time, but advise users to use unique passwords for all sites and chance them on the affected sites. Mainly I advise them if they had invites on the above sites to watch for suspicious invite activity.

I posted the following advice for our users to help them address any implications of this exploit: While its at a very basic level of security, there may be people who benefit from this information.

While the events of the last few days may have caught everyone off-guard. I would like to arm our user base with some preventative measures to help address the current situation.

While we do not at this time have reason to believe that our database was comprimised, I still advise users to change their passwords on the following sites. FTN, SceneHD and NTorrents.net. Passwords should be randomly generated and never stored in clear text or written down. Databases like 1passwd and Keepass can be very helpful. You should select one unique, as long as possible, random password for each site. Do not use the same password from more than one site.

While we believe the threat has been addressed, hundreds of eyes are better than the handful of staff. Should you notice anything suspicious please notify our staff immediately.

Browsing:
I recommend Firefox + No Script + Adblock. This would have prevented this exploit even if ntorrents.net was whitelisted.

PC Security:

I recommend having an up-to-date firewall and antivirus software.

Remember tracker staff should NEVER ask you to reveal your password or other personal details.

Browsing:
I recommend Firefox + No Script + Adblock. This would have prevented this exploit even if ntorrents.net was whitelisted.

Opera users have BlockIt + Fanboy's blocklist. You can also choose to disable iframes on a per-site basis.

A team of Israeli hackers has recently in the last 3 days exploited a vulnerability on the site. They have been banned. Steps are being taken to secure the server. I cannot discuss the nature of the vulnerability or the steps being taken to prevent a similar occurrence in the future.

If you had accounts on: SceneHD.org or FTN the attackers were using an iframe exploit to attempt to gain access to them. Please change your passwords on these sites. There will be more information in the future.

EDIT: After analysis of the exploit. They were only attempting to send invites from these sites if you had them, please watch your accounts for suspicious invite activity.

This shook our community hard and rest assured staff is working hard to get this resolved. This seems like a terrible time to ask for donations, but desperate times call for desperate measures and our hosting situation is changing. Please utilize the donate.php link at the top of your screen if you can spare money or at least some words of support in the forums. Together we can emerge stronger than ever and launch PWN.

technovert




Update: 07-15 - posted 1 day ago
PWN will be launching very soon. Please await further updates here. To launch PWN we have some upcoming expenses (IRC and a server move). Please dig deep if you can and help us, recent events have expedited some of the plans for the future. Thank you to those who have contributed past and present (not just financial). I believe this site can pull together and emerge stronger and better than ever.

Donate here. (http://ntorrents.net/donate.php)

Also we need to remain vilgilant throughout this time. Although I do not believe there are any more immediate threats to the site or its members. Should you see anything that does not seem correct please contact staff on IRC or via PM.

Edit: Some further offsite discussion here.
http://filesharingtalk.com/threads/420619-nTorrents-Down (http://filesharingtalk.com/420619-nTorrents-Down)

technovert



From n-torrents

site is up