The 'Dota 2' forum was hacked in July, and we're just now hearing about it

Dota 2 3
If you’re a member of the Dota 2 forum connected to the popular multiplayer online game, now would probably be a good time to change your password for the site and possibly for other online services as well. A new breach notification site called LeakedSource reports that the forum was hacked on July 10, 2016, exposing 1,923,972 records, each containing an email address, an IP address, a username, a user identifier, and a password.

According to the report, the forum’s passwords are stored on Valve Software’s servers using MD5 hashing and a salt, the latter of which is random data injected as an additional input into the password to help “scramble” the information. However, the outdated MD5 isn’t exactly the most secure algorithm for hashing a password, as it’s notably filled with vulnerabilities and can be reversed by a brute-force attack. LeakedSource said it managed to convert over 80 percent of the hashed passwords to their plain text values.

“It’s a fast and memory-conserving algorithm,” stated a response in a Stack Exchange thread a few years ago. “That means an attacker can compute the hash of a large number of passwords per second. Using specialized hardware (like FPGA arrays or ASICs) worth a few thousand dollars you can compute the hashes of all possible 8-character passwords for a given salt in mere hours.”

On the email front, the report reveals a list of 56 email domains that were used to register for the Dota 2 forum. The top 10 include Gmail with 1,086,139 users, followed by Hotmail, Yahoo, Mail.ru, Outlook, Sina, Ymail, Cmail, AOL, and MSN. The report adds that the list also includes quite a few disposable emails, meaning they’re simply temporary and likely used only for this specific forum.

Additional reports point to Valve Software’s use of an older version of the vBulletin software used to run the forum. Evidently, there’s an SQL injection vulnerability in the platform, allowing hackers to inject SQL statements into an entry field to execute a command, such as to dump the forum’s database contents into one large file to download. SQL is a programming language used to manage data in a database management system.

Dota 2 players worried about hackers gaining access to their account credentials can search LeakedSource’s database by heading here. If by chance your information is indeed in the Dota 2 data pool, or in any other leaked database in possession by LeakedSource, you can remove this sensitive info from the site’s copy for free. However, your information will still be in the hands of hackers.

The first report provided by LeakedSource appears to be March 30 of this year, stating that Mate1.com was hacked in October 2015. LeakedSource obtained a copy of the site’s database containing 27,403,958 accounts. Passwords were reportedly stored in plain, visible text, revealing that the site wasn’t using any type of encryption to protect user accounts. The most used password was “123456” followed by “123456789” and “123.” Seriously?

So far Valve Software has not issued a statement regarding LeakedSource’s report of the July Dota 2 forum hack.

Smart Home

After camera hacks, Nest locks customers out until they change their password

Nest is locking people out of their accounts if it believes there may have been a breach. Users will have to set up a new, secure password before they are able to regain access to their account.
Computing

Lost your router? Here's how to find its IP address to help track it down

Changing the login information for your router isn't always easy, that's why so many have that little card on the back. But in order to use it, you need to know where to go. Here's how to find the IP address of your router.
Computing

Chrome is a fantastic browser, but is is still the best among new competitors?

Choosing a web browser for surfing the web can be tough with all the great options available. Here we pit the latest versions of Chrome, Opera, Firefox, Edge, and Vivaldi against one another to find the best browsers for most users.
Emerging Tech

Statistician raises red flag about reliability of machine learning techniques

Machine learning is everywhere in science and technology. But how reliable are these techniques really? A statistician argues that questions of accuracy and reproducibility of machine learning have not been fully addressed.
Computing

Dodge the biggest laptop-buying mistakes with these handy tips

Buying a new laptop is exciting, but you need to watch your footing. There are a number of pitfalls you need to avoid and we're here to help. Check out these top-10 laptop buying mistakes and how to avoid them.
Computing

Great PC speakers don't need to break the bank. These are our favorites

Not sure which PC speakers work best with your computer? Here are the best computer speakers on the market, whether you're working with a tight budget or looking to rattle your workstation with top-of-the-line audio components.
Computing

The rumors were true. Nvidia’s 1660 Ti GPU, a $280 powerhouse, has arrived

Nvidia has officially launched the GTX 1660 Ti, its next-generation, Turing-based GPU. It promises to deliver all the performance and efficiency for all modern games, but without stepping into the high price range of the RTX series. 
Computing

Confused about RSS? Don't be. Here's what it is and how to use it

What is an RSS feed, anyway? This traditional method of following online news is still plenty useful. Let's take a look at what RSS means, and what advantages it has in today's busy world.
Computing

Everything you need to know about routers, modems, combos, and mesh networks

Modem vs. router: what's the difference? We explain their functions so you can better diagnose any issues prior to contacting technical support. We also talk about a few variants you'll see offered by ISPs and retailers.
Computing

Metro Exodus update brings DLSS improvements to Nvidia RTX 20-series PCs

Having issues in Metro Exodus? A February 21 update for the title recently delivered enhancements to Nvidia’s deep learning supersampling feature and other fixes for low-specced PCs. 
Computing

Limited-time sale knocks $500 off the price of the Razer Blade Pro 17

Looking for an ultra-powerful laptop for yourself or someone else? You're in for some luck. Razer is running a sale on some of its best gaming laptops, cutting down pricing on the Razer Blade 15 and the Razer Blade Pro 17. 
Emerging Tech

Engineer turns his old Apple lle into an wheeled robot, and even gives it a sword

How do you give new life to a 30-year-old computer? Software engineer Mike Kohn found a way by transforming his old Apple IIe into a wheeled robot. Check it out in all its 1980s glory.
Gaming

Want to play as Iron Man or Waluigi in GTA V? Our favorite mods make it possible

Grand Theft Auto V is best on the PC for many reasons, and modifications may be the most important. You can cause riots, spawn unique cars, and play as a cop with just a few extra files.
Computing

Does the GTX 1660 Ti's leaner design make it a better GPU than the RTX 2060?

Nvidia's GTX 1660 Ti is a new Turing GPU without ray tracing or DLSS, but how does it compare to its RTX brethren? We pit the 1660 Ti versus the RTX 2060 to find out in this comparison.