Vice.com hacked, possibly The Wall Street Journal website too
When W0rm similarly hacked CNET, it told the tech news site that it was only looking to expose security flaws.
On Monday, a reported Russian hacker group known as W0rm tweeted, along with screenshots, that it had hacked popular news, arts and culture site Vice.com and The Wall Street Journal website, and would sell each stolen database for a Bitcoin.
A Vice.com spokesperson told SCMagazine.com on Tuesday that a recent security exploit was used to access a list of Vice.com CMS users. A CMS, or content management system, is an application often used by news groups to modify, publish and maintain content posted to a website.
The list of CMS users included email addresses and hashed passwords, which are unusable unless decrypted, the Vice.com spokesperson said, adding the vulnerability has since been patched and the passwords were reset as a precaution.
The screenshot posted by W0rm to Twitter was of the CMS user list; the website was not defaced and user accounts were not compromised, Vice.com said.
Dow Jones & Company, publisher of The Wall Street Journal, did not immediately respond to a SCMagazine.com request for comment. In a possibly unrelated instance, hackers recently compromised the Facebook account for the daily newspaper and posted a message falsely indicating that Air Force One had crashed.
On July 12, W0rm tweeted, along with screenshots, that it had hacked popular technology news and review site CNET and would sell a database of user information for a Bitcoin. CNET confirmed the attack two days later.
In a Twitter conversation, a W0rm representative told CNET it had stolen usernames, email addresses and encrypted passwords on more than a million users, but that its goals were only to bring attention to security holes, and the group did not intend to decrypt and sell the database.
The W0rm representative said the group exploited a vulnerability in CNET's Symfony PHP framework, a programming tool that helps developers create websites.
UPDATE: CNET had reported that W0rm is a group, but Andrew Komarov, CEO of IntelCrawler who investigated the attacks, told SCMagazine.com on Wednesday that W0rm is a single individual, also known as Rev0lver.