On Twitter the Russian hack group w0rm has announced the attack on the news site CNET. The hackers took advantage of the vulnerability in the PHP framework Symfony and captured more than a million customer data. In a Twitter conversation with CNET News, a w0rm spokesman confirmed that the stolen database includes user names, email addresses, and encrypted passwords from CNET users.
Also interesting is
In addition, he emphasized that the data were offered symbolically for a Bitcoin, but were not really for sale. Wurm did not want to decrypt the passwords or make money with the attack. Rather, it was the group's concern to draw attention to the vulnerability to improve overall Web security.
In a statement from CNET mother CBS Interactive, it was said that some servers had been accessed. However, the Group had already identified the weak spot and closed it a few days ago. CBS will continue monitoring the CNET servers.
With 27.1 million visitors on the website, CNET has probably attracted the attention of the hackers. At the same time, we were able to certify to the CNET safety officer that the safety measures were good, but not perfect, as they themselves proved.
No comments:
Post a Comment