14 DAY TRIAL // Recently, a hacker group from Russia informed over Twitter that they managed to hack the systems of CNET and collect a database with login credentials of more than one million users of the website.
The data stolen from CNET’s servers is said to contain usernames, emails and encrypted passwords, and the group, communicating under the alias “w0rm,” tweeted that they were willing to sell the information for as little as one Bitcoin (roughly $620/€455).
Perpetrators said they asked for such a low price because they wanted to gain notoriety. The security hole exploited is in the Symphony PHP framework, which allows web developers to build more sophisticated websites.
A representative from CBS Interactive, which owns the CNET publication, admitted the servers had been accessed by an attacker over the weekend and said that the issue had been identified and eliminated, but they would keep their eyes on the matter.
W0rm did not provide the full path to the exploit, and it appears that the motivation behind the attack was to raise security awareness, a high-profile website being the best way to achieve this goal.
https//w0rm.in/cnet.com.tar.gz cnet hacked, here is src of www. pic.twitter.com/ggkaNF3VfE
— w0rm (@rev_priv8) July 12, 2014 Although the passwords retrieved by the hackers are encrypted, there is no information on the algorithm used to protect them or if they were salted and hashed.
As a precaution, it would be wise for those with login credentials for CNET website to change their passcodes for the service, even if decrypting the details may not lead to accessing them in plain text.
It is worth noting that the same security awareness motivation was behind the recent distributed denial-of-service attacks carried out last week against multiple financial institutions in Norway.
The attacker sent the media publications an email claiming he was part of Anonymous Norway and said that “the motivation behind the current attacks and the next attacks in the future is to get the community to wake up. The number of major IT security attacks is increasing and there is nothing being done to prevent such events.”
A few days later he was identified as a 17-year-old and the authorities arrested him under the initial charge of gross vandalism, which carries in Norway a maximum prison penalty of six years. The teen was revealed to be a script kiddie who leveraged a known vulnerability in WordPress.
However, in this case, it appears that the hackers know what they are doing and are not expected to be careless about their identity.