01:38 PM
Connect Directly

Gawker Media Hacked

The company's user database and content management system have been breached, prompting calls to change passwords.

Gawker Media on Sunday said that its user database had been hacked and encouraged all registered users of the company's Web sites to change their passwords.

Gawker Media's properties include Gawker, Gizmodo, Jalopnik, Jezebel, Kotaku, Lifehacker, Deadspin, io9, and Fleshbot.

Over 1.3 million accounts, with some 540,000 associated e-mail addresses, were exposed and the company's content management system is said to have been compromised as well. The hacked data base file, initially available on The Pirate Bay's Web site, has since been removed. Gawker says that although the passwords were encrypted, they're still potentially vulnerable to hackers.

A group identifying itself as Gnosis has claimed responsibility for the attack. The group says its motivation is to punish Gawker for being arrogant, according to Mediaite.

Someone -- apparently H.D. Moore, creator of the metasploit framework and CSO at Rapid7, whose e-mail address is listed -- has posted a CSV file of the domains of affected e-mail addresses and hashed e-mail address values as a Google Fusion Table. The file includes instructions for how to generate an MD5 hash of one's e-mail address and to search for that value among the posted list of compromised accounts. Finding one's e-mail address on this list means it's definitely time to change your password.

Gawker is also advising users who maintained linked Twitter accounts with the same password to change their passwords at Twitter.

There's currently a Twitter spam campaign that's promoting acai berries through compromised accounts and there's some speculation that Twitter accounts exposed through the Gawker database compromise are being exploited to deliver the tweet spam.

Gawker Media issued an apology for the security failure. "We're deeply embarrassed by this breach," the company said in a statement on its Web site. "We should not be in the position of relying on the goodwill of the hackers who identified the weakness in our systems. And, yes, the irony is not lost on us."

Comment  | 
Print  | 
More Insights
Oldest First  |  Newest First  |  Threaded View
Who Does What in Cybersecurity at the C-Level
Steve Zurier, Freelance Writer,  3/16/2018
New 'Mac-A-Mal' Tool Automates Mac Malware Hunting & Analysis
Kelly Jackson Higgins, Executive Editor at Dark Reading,  3/14/2018
IoT Product Safety: If It Appears Too Good to Be True, It Probably Is
Pat Osborne, Principal - Executive Consultant at Outhaul Consulting, LLC, & Cybersecurity Advisor for the Security Innovation Center,  3/12/2018
Register for Dark Reading Newsletters
White Papers
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.