Members
  • Total Members: 14176
  • Latest: toxxxa
Stats
  • Total Posts: 42869
  • Total Topics: 16078
  • Online Today: 3869
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)









Post reply

Name:
Email:
Subject:
Message icon:

Verification:
Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

shortcuts: hit alt+s to submit/post or alt+p to preview


Topic Summary

Posted by: Samker
« on: 21. May 2007., 21:24:44 »

The Pirate Bay announced on Friday that an attacker exploited a security hole in the peer-to-peer directory's blogging software to copy a list of the site's usernames and passwords.

The site, which allows visitors to search for files offered by members via a BitTorrent peer-to-peer network, currently has 1.4 million members that offer for download -- or "seed" -- various videos, audio and game files, many of them pirated. While site operator Peter Sunde, who uses the pseudonym "brokep," warned users to change their passwords, he also said that decrypting the password file will likely take a long time.

"We still prefer people to change their passwords from time to time," Sunde stated in response to comments left on the Pirate Bay's blog. "All the passwords are encrypted very hard, so (are) the emails and so on. As someone pointed out in on Digg, we've been through raids before, and we know that we want to protect the users."

The Pirate Bay is a well-known BitTorrent tracking site started by a Swedish anti-copyright organization in 2003, but became managed separately by "dedicated individuals" in October 2004, according to the site's published history. Swedish authorities raided the organizations servers, based in Stockholm, in May 2006, but the torrent tracker was back online three days later.

According to Sunde, some "kids" found an SQL injection vulnerability in the site's blog and used it to compromise the system. The Pirate Bay detected the attack, but Sunde would not give details about the intrusion. The site's operators also found that the attackers had submitted the file containing the account information back to the Pirate Bay's torrent tracker.

The operators of the site apologized on Friday for the security breach. "Sorry for the mess, but we are all human and we miss something sometimes," Sunde stated.

SecurityFocus
Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising