CNET Attacked by Russian Hacker Group, 'W0rm'

A Russian Hacker Group that has Attacked Some of the Biggest News and Business Websites in the World, Claims it Penetrated CNET's Website Over the Weekend and Stole a Database of Registered Reader Data. A Representative from the Group Calling itself, ' W0rm', Told CNET News in a Twitter Conversation that, it Stole a Database of Usernames, Emails and Encrypted Passwords from CNET's Servers. 'W0rm' is Claiming that, the Database of Stolen Information includes Data on More than 1 Million Users. A CBS Interactive Spokeswoman Said that, "a few servers were accessed" by the Intruder. "We identified the issue and resolved it a few days ago. We will continue to monitor", for Potential Impact, she Said. 'W0rm' Said it Found its Way into CNET's Servers through a Security Hole in CNET.com's Implementation of the Symfony PHP Framework, a Popular Programming Tool that Provides a Skeleton on which Developers Can Construct a Complex Website. Properties Owned by CBS Interactive, which includes CNET, were the 9th-Most Visited Sites in the US during May. According to ComScore, CNET had 27.1 Million U.S. Unique Visitors on Desktop and Mobile in June 2014. The 'W0rm' Representative, a Non-Native English Speaker, Said the Group had No Plans to Decrypt the Passwords or to Complete the Sale of the Database.


'W0rm' Tweeted Monday that, it will Sell the Database for 1 Bitcoin -- around $622. But, the Group's Spokesperson Said they Offered to Sell the Database to Gain Attention -- "nothing more". 'W0rm' Claims that, its Goals are Altruistic and that, it Hacked CNET Servers to Improve the Overall Security of the Web. By Targeting High-Profile Sites, the Group Says, it Can Raise Awareness about Security Flaws. 'W0rm' Claims to Have Successfully Hacked the BBC in Late 2013, as well as, Earlier Hacks of Adobe Systems and Bank of America Websites. CNET's Popularity is What Motivated the Group to Target the Website. "[W]e are driven to make the Internet a better and safer [place] rather than a desire to protect copyright", 'W0rm' Said in a Twitter Exchange on Monday. "I want to note that the experts responsible for bezopastnost [security] in cnet very good work but not without flaws." Robert Hansen, a Web Security Expert at White Hat Security Said, CNET Readers Might Not be at Risk. "It definitely can feel like a slap in the face to an organization to be hacked but, in reality, most of the time in circumstances like this it's actually a good thing", Hansen Said. "'W0rm' was careful not to give the full path to the actual exploit and informed the general public that the compromise occurred."