hacked, possibly The Wall Street Journal website too

Share this article:
Possibly 350K ransomware infections, $70K earned, in Dropbox phishing scheme
When W0rm similarly hacked CNET, it told the tech news site that it was only looking to expose security flaws.

On Monday, a reported Russian hacker group known as W0rm tweeted, along with screenshots, that it had hacked popular news, arts and culture site and The Wall Street Journal website, and would sell each stolen database for a Bitcoin.

A spokesperson told on Tuesday that a recent security exploit was used to access a list of CMS users. A CMS, or content management system, is an application often used by news groups to modify, publish and maintain content posted to a website.

The list of CMS users included email addresses and hashed passwords, which are unusable unless decrypted, the spokesperson said, adding the vulnerability has since been patched and the passwords were reset as a precaution.

The screenshot posted by W0rm to Twitter was of the CMS user list; the website was not defaced and user accounts were not compromised, said.

Dow Jones & Company, publisher of The Wall Street Journal, did not immediately respond to a request for comment. In a possibly unrelated instance, hackers recently compromised the Facebook account for the daily newspaper and posted a message falsely indicating that Air Force One had crashed. 

On July 12, W0rm tweeted, along with screenshots, that it had hacked popular technology news and review site CNET and would sell a database of user information for a Bitcoin. CNET confirmed the attack two days later.

In a Twitter conversation, a W0rm representative told CNET it had stolen usernames, email addresses and encrypted passwords on more than a million users, but that its goals were only to bring attention to security holes, and the group did not intend to decrypt and sell the database.

The W0rm representative said the group exploited a vulnerability in CNET's Symfony PHP framework, a programming tool that helps developers create websites.

UPDATE: CNET had reported that W0rm is a group, but Andrew Komarov, CEO of IntelCrawler who investigated the attacks, told on Wednesday that W0rm is a single individual, also known as Rev0lver.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Beazley: employee errors root of most data breaches, but malware incidents cost ...

Insurance firm Beazley analyzed more than 1,500 data breaches it serviced between 2013 and 2014.

Apple issues seven updates, fixes more than 40 vulnerabilities in iOS 8, OS 10.9.5

Apple issues seven updates, fixes more than 40 ...

In one of its infrequent "Update Surprisedays," Apple plugged holes, boosted security and added features.

Canadian telecom co. Telus unveils first transparency report

The company received more than 100,000 government requests for customer data last year.