1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

etoro Website Hacked

Discussion in 'General Forex Talk' started by Manav, Mar 23, 2012.

  1. Manav

    Manav Private

    Joined:
    Dec 30, 2010
    Messages:
    20
    Likes Received:
    0
  2. Pharaoh

    Pharaoh Colonel

    Joined:
    Oct 3, 2007
    Messages:
    19,685
    Likes Received:
    2,236
    There's nothing quite like that feeling that all your personal financial details are safe and secure with your broker. :p

    I'd recommend anyone with an account at eToro contact support and ask why this issue wasn't fixed as soon as zSecure reported it.
     
  3. kamal78

    kamal78 Recruit

    Joined:
    Mar 26, 2012
    Messages:
    6
    Likes Received:
    0
    So what the news on this subject? Is etoro safe to use ? I have a small account there.
     
  4. Pharaoh

    Pharaoh Colonel

    Joined:
    Oct 3, 2007
    Messages:
    19,685
    Likes Received:
    2,236
    Contact eToro and ask them if they've fixed the issue or not. Post their reply here.
     
  5. kamal78

    kamal78 Recruit

    Joined:
    Mar 26, 2012
    Messages:
    6
    Likes Received:
    0
    I did , when i've asked about database dump vulnerability support response was "What is that? I never heard of such thing" . They deny everything , even that the company zSecure have contacted them about this.
     
  6. PortFPA

    PortFPA eToro Representative

    Joined:
    Sep 20, 2010
    Messages:
    20
    Likes Received:
    0
    Hi Guys,

    The short answer is no. There's no cause for alarm:)

    The database that is shown in the screen caps of the site mentioned above, relates to the old version of our blog which is not active anymore. In addition, the blog (old OR new) contains only content and is NOT hosted on the same servers as our trader accounts. Thus, there is no security risk to traders and their financial transactions. Hope this helps!

    Laura, eToro Social Team
     
  7. Manav

    Manav Private

    Joined:
    Dec 30, 2010
    Messages:
    20
    Likes Received:
    0
    Laura! From your comment one thing is clear that eToro's security got breach even the screen-shots relates to your old blog but still the fact remains they have got access to your database. How can you make sure they didn't get acess to your main database containing user info?
    I am very curios to know that. Thanks
     
  8. kamal78

    kamal78 Recruit

    Joined:
    Mar 26, 2012
    Messages:
    6
    Likes Received:
    0
    I would also like to add that if you search "etoro vulnerable to database dumb" on google you will get many results. These news have spread to various hacker websites , including one related to the infamous Anonymous team. Showing that you are somehow weak to hackers and getting attention from these groups is certainly not a success. How is eToro going to react ? Are you ready for possible attacks?
     
  9. Simon Edwards

    Simon Edwards Corporal

    Joined:
    Jun 13, 2010
    Messages:
    90
    Likes Received:
    0

    Sorry but you are completely wrong. The security risk to traders is at a ridiculous level.

    I liked the look of the etoro platform and was about to put some money in until i tried out a very simple and basic test. IT FAILED.


    The clients Account details etc are of paramount importance, everything should be done to keep them secure.

    I used the request password feature to reset my password , what should have happened was i was after passing some security checks i would be sent to a link to reset my password or sent a system generated password to log in.

    The email i received contained THE ACTUAL PASSWORD i CREATED


    What this means is you are storing User Details with out encryption! If you can not get this simple and basic thing right what else are you being negligent on??????


    This needs to be fixed now.

    So the Short answer is YES. THERE IS EVER NEED FOR ALARM. ALL CLIENT DETAILS ARE NOT ENCRYPTED AND STORED AS CLEAR TEXT
     
  10. kamal78

    kamal78 Recruit

    Joined:
    Mar 26, 2012
    Messages:
    6
    Likes Received:
    0
    Have you contacted them about this issue? And if yes what was their answer? This seems very bad as well.
     

Share This Page