The attackers may have exploited a WordPress vulnerability to gain access

Aug 20, 2012 07:05 GMT

A hacker collective called r00tBeer Security Team has breached the official blog (blogs.amd.com) of the world-renowned microprocessor developer Advanced Micro Devices (AMD). They have not only added a defacement page to the site, but have also leaked data allegedly taken from the company’s databases.

The leaked data consists of 200 usernames, encrypted passwords, email addresses, names, and the dates when the accounts were registered.

For the defacement, the hackers have added their own HTML file to the website’s wp-content folder. Our suspicion is that the WordPress version used by AMD might have been outdated and the attackers may have leveraged a known vulnerability to gain access.

Currently, the AMD blog has been taken down for maintenance, and the following message is displayed to visitors:

Due to routine maintenance, AMD's web site is temporarily unavailable. We apologize for the inconvenience. This area will be back online as soon as possible.

We have contacted AMD in an attempt to learn how the hackers managed to gain access to the blog’s backend and the extent of the damage they have caused.

AMD is not the only famous manufacturer whose systems have been penetrated by hackers lately. A few weeks ago, the members of the NullCrew collective claimed to have hacked the ASUS eStore, leaking administrator credentials.

As far as r00tBeer Security Team is concerned, there aren’t many details as to who is behind the group, except for the fact that it comprises five members: Eriksson, Akira, Taz, Hades, and Nessus.

However, judging by their Twitter account, AMD isn’t their only victim.

They also claim to have breached TBN, also known as The Bot Net or The Botting Network, a discussion forum that currently has over 96,000 members. This website’s database has also been published online.

Update. AMD representatives have responded to our inquiry. Here is their statement in full:

AMD's blog site was the target of an attack on August 19th. We believe that the attackers posted less than 200 registered usernames and salted password hashes to a hacker web site. AMD uses salted password hashes, which is an industry best practice for encryption and extremely difficult to crack.

We immediately took the blog site offline and changed all passwords. AMD remains committed to data security and user privacy and has launched an investigation into this matter. We expect to bring our blog site back online within the next 24 hours.