hacked, possibly The Wall Street Journal website too

Share this article:
Possibly 350K ransomware infections, $70K earned, in Dropbox phishing scheme
When W0rm similarly hacked CNET, it told the tech news site that it was only looking to expose security flaws.

On Monday, a reported Russian hacker group known as W0rm tweeted, along with screenshots, that it had hacked popular news, arts and culture site and The Wall Street Journal website, and would sell each stolen database for a Bitcoin.

A spokesperson told on Tuesday that a recent security exploit was used to access a list of CMS users. A CMS, or content management system, is an application often used by news groups to modify, publish and maintain content posted to a website.

The list of CMS users included email addresses and hashed passwords, which are unusable unless decrypted, the spokesperson said, adding the vulnerability has since been patched and the passwords were reset as a precaution.

The screenshot posted by W0rm to Twitter was of the CMS user list; the website was not defaced and user accounts were not compromised, said.

Dow Jones & Company, publisher of The Wall Street Journal, did not immediately respond to a request for comment. In a possibly unrelated instance, hackers recently compromised the Facebook account for the daily newspaper and posted a message falsely indicating that Air Force One had crashed. 

On July 12, W0rm tweeted, along with screenshots, that it had hacked popular technology news and review site CNET and would sell a database of user information for a Bitcoin. CNET confirmed the attack two days later.

In a Twitter conversation, a W0rm representative told CNET it had stolen usernames, email addresses and encrypted passwords on more than a million users, but that its goals were only to bring attention to security holes, and the group did not intend to decrypt and sell the database.

The W0rm representative said the group exploited a vulnerability in CNET's Symfony PHP framework, a programming tool that helps developers create websites.

UPDATE: CNET had reported that W0rm is a group, but Andrew Komarov, CEO of IntelCrawler who investigated the attacks, told on Wednesday that W0rm is a single individual, also known as Rev0lver.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters