A group of Russian hackers that managed to steal CNET’s user database has made that information available for bitcoin, in what seems like a publicity stunt.
The group, which calls itself ‘wOrm’, says the database contains the accounts of more than a million users, including their usernames, emails, passwords and other information.
The asking price for the source code and the database was 1 BTC, roughly $615 at the time of writing. However, CNET was later told that the group has no plans to decrypt the passwords or to complete the sale of the database.
The offer, which was apparently made to gain attention for the group’s “altruistic” work, was quickly rescinded. WOrm has previously carried out similar attacks on websites belonging to the BBC, Adobe Systems and Bank of America.
CNET admits breach
CNET confirmed the attack and admitted that several servers were accessed and compromised. The security flaw that allowed the breach has since been patched, but the hackers managed to steal a significant amount of data before the attack was detected and addressed.
The hackers say they exploited a hole in CNET’s implementation of the Symfony PHP framework. Although the group initially offered to sell the database, it insists its main motivation is security awareness.
“We are driven to make the Internet a better and safer [place] rather than a desire to protect copyright. I want to note that the experts responsible for bezopastnost [security] in cnet very good work but not without flaws,” a wOrm member told CNET via twitter.
No cause for alarm?
CNET has not advised its users to change their passwords yet, as the compromised passwords were encrypted and wOrm has stated it will not try to decrypt them.
Web security expert Robert Hansen agrees CNET readers are not at risk. He points out that the hackers were careful not to reveal the “full path to the actual exploit” and that it informed the public of the attack.
“It definitely can feel like a slap in the face to an organization to be hacked, but in reality, most of the time in circumstances like this it’s actually a good thing,” Hansen said.
Hacker image via Shutterstock