my HDBITS account was attacked and stolen

[n00bz0r]

[RedRansom]

That just means your security fails. Not the tracker's. No one, I guarantee you, no one can "hack" your account. It just isn't worth the effort.

A hacker that has the wits to hack the database and find your password, would rather just simply add an entry about himself. That's that. What you're suggesting is insane, you're suggesting a hacker bypassed tracker email change security, which could have simply been a bug, or the wrong way that waffles' code handles such outgoing emails by sending an email and disabling it from the database straight off.

I've been in the passwords/trackers business for quite a while, and I've only heard of one friend's account hacked, and that's simply because he gave the password out to people. Simply as that, no questions asked. He might have as well gotten keylogged (which could have happened in your case), but then again that's his fault, not the tracker's.

maybe you are right , but you have to know i used password like : iotpLaXEyO , and i dont type it since i use firefox so its registred in my firefox (maybe he got it from here) , if so why he didnt get other more higher and interssting trackers and i use kaspersky IS 2010 full update so maybe i have to change it now ...
also what about the mail? i didnt confirmed the changement of mail and the mail is changed to his mail?!

It doesnt really matter what you have used special char etc or how long your password lenght... if you got what i mean.

[ca_aok]

maybe you are right , but you have to know i used password like : iotpLaXEyO , and i dont type it since i use firefox so its registred in my firefox (maybe he got it from here) , if so why he didnt get other more higher and interssting trackers and i use kaspersky IS 2010 full update so maybe i have to change it now ...
also what about the mail? i didnt confirmed the changement of mail and the mail is changed to his mail?!

It doesnt really matter what you have used special char etc or how long your password lenght... if you got what i mean.

That's not true at all, though the risk is somewhat negated since most trackers only give you a few login attempts before banning your IP.

Any of your passwords should be over 8 characters, contain upper/lower case and numbers, if not special characters, and shouldn't be a dictionary word.

In this case it wouldn't matter because he probably got keylogged, but it's still not a bad idea.

[FreeCandy]

In future, learn how to use Hijack, IceSword, Comodo with defense+, Sandboxie and limited accounts on machine.
This problem wont happen again if you learn a few things.

[Jollanda]

Did you gain your accunt back? Did you find any mod on the IRC?

Hope everythig worked out ok for you

[anon]

In future, learn how to use Hijack, IceSword, Comodo with defense+, Sandboxie and limited accounts on machine.
This problem wont happen again if you learn a few things.

Don't forget common sense. Shady executables that do "nothing" when run are often up to no good, even if your antivirus doesn't cry.

Fortunately, I keep all my tracker passwords in a KeePass database. You could also use the on-screen keyboard to type them if you suspect the computer may be keylogged.