The 'Dota 2' forum was hacked in July, and we're just now hearing about it

Dota 2 3
If you’re a member of the Dota 2 forum connected to the popular multiplayer online game, now would probably be a good time to change your password for the site and possibly for other online services as well. A new breach notification site called LeakedSource reports that the forum was hacked on July 10, 2016, exposing 1,923,972 records, each containing an email address, an IP address, a username, a user identifier, and a password.

According to the report, the forum’s passwords are stored on Valve Software’s servers using MD5 hashing and a salt, the latter of which is random data injected as an additional input into the password to help “scramble” the information. However, the outdated MD5 isn’t exactly the most secure algorithm for hashing a password, as it’s notably filled with vulnerabilities and can be reversed by a brute-force attack. LeakedSource said it managed to convert over 80 percent of the hashed passwords to their plain text values.

“It’s a fast and memory-conserving algorithm,” stated a response in a Stack Exchange thread a few years ago. “That means an attacker can compute the hash of a large number of passwords per second. Using specialized hardware (like FPGA arrays or ASICs) worth a few thousand dollars you can compute the hashes of all possible 8-character passwords for a given salt in mere hours.”

On the email front, the report reveals a list of 56 email domains that were used to register for the Dota 2 forum. The top 10 include Gmail with 1,086,139 users, followed by Hotmail, Yahoo,, Outlook, Sina, Ymail, Cmail, AOL, and MSN. The report adds that the list also includes quite a few disposable emails, meaning they’re simply temporary and likely used only for this specific forum.

Additional reports point to Valve Software’s use of an older version of the vBulletin software used to run the forum. Evidently, there’s an SQL injection vulnerability in the platform, allowing hackers to inject SQL statements into an entry field to execute a command, such as to dump the forum’s database contents into one large file to download. SQL is a programming language used to manage data in a database management system.

Dota 2 players worried about hackers gaining access to their account credentials can search LeakedSource’s database by heading here. If by chance your information is indeed in the Dota 2 data pool, or in any other leaked database in possession by LeakedSource, you can remove this sensitive info from the site’s copy for free. However, your information will still be in the hands of hackers.

The first report provided by LeakedSource appears to be March 30 of this year, stating that was hacked in October 2015. LeakedSource obtained a copy of the site’s database containing 27,403,958 accounts. Passwords were reportedly stored in plain, visible text, revealing that the site wasn’t using any type of encryption to protect user accounts. The most used password was “123456” followed by “123456789” and “123.” Seriously?

So far Valve Software has not issued a statement regarding LeakedSource’s report of the July Dota 2 forum hack.


Netgear says exploit that led to stolen documents was fixed a long time ago

Hackers were able to steal classified military training and maintenance documents following a breach of a standard Netgear router that still maintained the default administrator password.

Lost your router? Here's how to find its IP address to help track it down

Changing the login information for your router isn't always easy, that's why so many have that little card on the back. But in order to use it, you need to know where to go. Here's how to find the IP address of your router.

Chrome is still our favorite browser (but Firefox is catching up!)

Choosing a web browser for surfing the web can be tough with all the great options you have out there. Here we pit the latest versions of Chrome, Opera, Firefox, Edge, and Vivaldi against one another to find the best browsers for most…

Apple’s sticky key problem isn’t going away on the 2018 MacBook Pro

Sticky keys will likely continue to be a problem for owners looking to purchase Apple's 2018 MacBook Pro. While the laptop comes with a quieter keyboard, Apple did not provide an engineering fix to address problems with unresponsive keys.

Hackers allegedly used cryptocurrency in attack against Clinton campaign

An indictment filed against Russian military intelligence officers reveals that the group allegedly used cryptocurrency to remain anonymous in a scheme against the Clinton campaign. They used digital coins to pay for their website.

Google Chrome now consumes more memory due to a new Spectre fix

Version 67 of Google’s Chrome browser for Windows, Mac, Linux, and Chrome OS now includes a new security feature called Site Isolation. It protects web surfers against Spectre-based attacks on the internet, but for a price.
Product Review

It took 3 years, but 'Destiny 2' is the bigger, badder shooter fans clamored for

Bungie has applied three years of Destiny lessons to Destiny 2, and the result is a fun, varied multiplayer experience that wastes a lot less of players’ time.

Google is replacing some Pixel 2 handsets due to faulty rear cameras

Google’s Pixel 2 smartphones have plenty to recommend them, but they’re not perfect. We've rounded up the most common Pixel 2 issues and Pixel 2 XL problems here and identify workarounds or fixes to help you cope with them.

Microsoft is digging itself a hole by giving away free Surface Docks

Microsoft is giving away a free Surface Dock with the purchase of a Surface Book 2 or a Surface Laptop. If you have a Surface Book 2 15-inch, however, that free gift might turn you off.

Ripple is a different kind of cryptocurrency. Here's how to buy it

Need to know how to buy Ripple? You've come to the right place. In this guide we'll walk you through the process step by step, as well as offer an alternative for those who want to get more hands-on with their trades.

Apple fixes its battery drain issue with iOS 11.4.1 update

Apple's iOS 11 is the latest version of the company's mobile operating system, but it still has some issues to be worked out. We've searched the internet to find the biggest iOS 11 problems, along with some potential solutions.

Apple's third iOS 12 beta may help you save a lot of data

At this year's Worldwide Developer Conference, Apple unveiled its latest operating system, iOS 12. From app updates to group FaceTime, ARKit 2.0, and more, here are all the new features in iOS 12.

Frustrated ‘Splatoon 2’ player hijacks leaderboard to call out cheaters

A frustrated Splatoon 2 player recently hijacked the game's leaderboards to call out Nintendo for its lack of anti-cheat protection in the game. Cheaters have become prevalent over the last few months.

Alexa for PC invades your notebook, signs a truce with Cortana

We took a look at Alexa for PC running on the first notebook to ship with Amazon's digital assistant pre-installed, the Acer Spin 5 convertible 2-in-1. Does she add value to the Windows 10 platform?

That’s not Nathan Fillion’s voice you hear as Cayde-6 in ‘Destiny 2: Forsaken’

It turns out Cayde-6 wasn't voiced by actor Nathan Fillion in the Destiny 2: Forsaken trailer. Fillion was unable to reprise his role for the DLC, so Nolan North, the voice of Ghost, stepped in for Fillion.

Lost without Print Screen? Here's a few ways to take a screenshot on your Mac

Whether you prefer to use keyboard shortcuts or applications such as Grab and Preview, this guide will teach you how to take a screenshot on a Mac. Once you know how, you'll be able to capture images within seconds.

Brother’s new INKvestment Tank printer is made for people who hate buying ink cartridges

With a new ink cartridge design, Brother's new INKvestment Tank printer can run for up to a year before the cartridges need replacing -- ideal for users who want convenience and cost-savings.

Relive 1998 as live chat rooms roll out across Reddit in a limited beta

Reddit is slowly rolling out real-time chat rooms across a limited number of subreddits. Currently in beta, Reddit Chat went live in 2017 for a small group of around 7,000 users. Reddit is now expanding this service.

Intel’s 9th-generation processor could launch next month with 8 cores

Intel may be readying its ninth-generation processor for a launch that could happen as early as next month. Code-named Coffee Lake, these chips will bring eight-core processing power to the mainstream.

Here are 5 free alternatives to Photoshop for all your photo-editing needs

Photoshop is a capable program, but it's also expensive. Lucky for you, there are plenty of great alternatives out there that allow for a range of versatility, without requiring you to break into your bank account.

Spotify vs. Pandora: Which music streaming service is better for you?

Which music streaming platform is best for you? We pit Spotify versus Pandora, two mighty streaming services with on-demand music and massive catalogs, comparing every facet of the two services to help you decide which is best.