Total hacking Gawker Media: stolen 1.5 million accounts
A group of anonymous hackers infiltrated Gawker Media’s servers and “took the rubbish out of the hut” half a gigabyte — swapping roles with one of the most ruthless online publications specializing in gossip and scandal.
Known as Gnosis, the group supported 4chan and Payback operations, which took place last week and was directed against PayPal, MasterCard, Visa and other companies that cut ties with WikiLeaks. The article that was posted this weekend on BitTorrent contained email registration data and Twitter Nick Denton and other Gawker cones, as well as the logins of thousands of registered Gawker readers (this is the Gawker site itself, the largest blogs Gizmodo, Kotaku, Lifehacker).
It also sharply rebuked the Gawker security system.
')
"One would think that a site that likes to make fun of other people should have a better security system and really understand what they are doing," wrote the authors, who repeatedly referred to previous skirmishes between this site and the Anonymous group.
“You might think that a person like Nick Denton, who loves to tongue and tease such difficult people as Anonymous, will use such a“ strong ”password as '24862486,'?”, They wrote elsewhere. “The sad thing is that he probably believes that his password is“ secure ”because he uses it everywhere!”
On the front page of Gawker on Sunday evening there was a warning: “It’s likely that our user’s database was hacked”. The message recommended that readers consider all their accounts in all sites owned by Gawker, hacked and immediately change passwords.
“We are extremely concerned about this burglary,” the recommendation said. “It’s not for us to rely on the goodwill of hackers who have found a weak spot in our systems. Nevertheless, irony does not change us. "
It is alleged that the file size of 486 MB is 1.5 million passwords protected by DES - this is a weak enough hashing algorithm to adequately resist the selection.
Hackers claim that even after Denton discovered that one of his online accounts may have been hacked, he continued to use the same weak password on other accounts. The uploaded file also contained what is considered the Gawker source code, a preliminary version with a new Gawker website design, and, as they say, passwords to a dozen of Gawker administrative accounts.
Gawker and Anonymous have been in conflict since July, when attackers launched a web-based attack that periodically brought the site offline.
Known as Gnosis, the group supported 4chan and Payback operations, which took place last week and was directed against PayPal, MasterCard, Visa and other companies that cut ties with WikiLeaks. The article that was posted this weekend on BitTorrent contained email registration data and Twitter Nick Denton and other Gawker cones, as well as the logins of thousands of registered Gawker readers (this is the Gawker site itself, the largest blogs Gizmodo, Kotaku, Lifehacker).
It also sharply rebuked the Gawker security system.
')
"One would think that a site that likes to make fun of other people should have a better security system and really understand what they are doing," wrote the authors, who repeatedly referred to previous skirmishes between this site and the Anonymous group.
“You might think that a person like Nick Denton, who loves to tongue and tease such difficult people as Anonymous, will use such a“ strong ”password as '24862486,'?”, They wrote elsewhere. “The sad thing is that he probably believes that his password is“ secure ”because he uses it everywhere!”
On the front page of Gawker on Sunday evening there was a warning: “It’s likely that our user’s database was hacked”. The message recommended that readers consider all their accounts in all sites owned by Gawker, hacked and immediately change passwords.
“We are extremely concerned about this burglary,” the recommendation said. “It’s not for us to rely on the goodwill of hackers who have found a weak spot in our systems. Nevertheless, irony does not change us. "
It is alleged that the file size of 486 MB is 1.5 million passwords protected by DES - this is a weak enough hashing algorithm to adequately resist the selection.
Hackers claim that even after Denton discovered that one of his online accounts may have been hacked, he continued to use the same weak password on other accounts. The uploaded file also contained what is considered the Gawker source code, a preliminary version with a new Gawker website design, and, as they say, passwords to a dozen of Gawker administrative accounts.
Gawker and Anonymous have been in conflict since July, when attackers launched a web-based attack that periodically brought the site offline.
Source: https://habr.com/ru/post/109932/
All Articles