Gawker Hacked – Database Exposed
Hackers have gotten hold of the database containing usernames and passwords of roughly 1.4 million users who have posted a comment to the Gawker website or any of its popular affiliates. If you've ever made a comment on any of the Gawker sites then your information has likely been compromised as a result of this breach. Also, because so many people reuse the same password on multiple sites, there are reports of a number of Twitter accounts and accounts on other social media sites being compromised as well.
Document Transcript

Hackers have gotten hold of the database containing usernames and passwords of roughly 1.4 million users who have posted a comment to the Gawker website or any of its popular affiliates, including lifehacker.com, gizmodo.com, jalopnik.com, jezebel.com, kotaku.com, deadspin.com and others.

They are not keeping this database to themselves either. They've uploaded the entire thing to the public torrent tracker thepiratebay.org, including their rough analysis of the database, plaintext credentials for a number of Gawker employees, the 200,000 passwords they've cracked so far, and the full set of 1.4 million usernames, email addresses and password hashes.

Technical details on the hack are fairly slim at the moment, but the hacking group Gnosis has claimed responsibility for it. This little tidbit was included in the upload of the database to thepiratebay.org:

"F@#$ you gawker, how's this for "script kids"? Your empire has been compromised, Your servers, Your databases, Online accounts and source code have all been ripped to shreds! You wanted attention, well guess what, You've got it now!"

It appears that Gnosis was able to guess the password of Gawker founder Nick Denton for his account on the Campfire team-collaboration portal that Gawker uses for internal communications and real-time chat amongst staff. Once Gnosis had access to this they were able to obtain a wealth of information from the reported 4 gigabytes of chat logs.

It seems that the password for the MySQL database was also disclosed somewhere in these logs. With the SQL credentials in hand, it was a trivial matter for Gnosis to dump large amounts of information, including usernames, email addresses and password hashes. Unfortunately the scheme used to protect the passwords was the ancient and long-deprecated DES-based crypt(3) hash, which turns the password into a 56-bit DES key (7 bits from each of at most 8 characters) and uses it to encrypt a constant block. DES is cheap to compute, so guessing against such hashes is fast, and the key is fixed entirely by the first 8 characters of the password.

Because of this scheme, any password over 8 characters is truncated to 8 before it is hashed and stored in the database. Users with a password longer than 8 characters will not have the entire thing recovered, but access to their account will still be possible with just the first 8 characters once those are cracked, because the login check only ever sees those 8. Gnosis has cracked roughly 200,000 of the 1.4 million password hashes in the database they dumped. All of the hashes are available for cracking by anyone who's interested and has some spare CPU power.

A rough analysis of the passwords cracked is pretty horrifying. Some gems:

  • 2,000 passwords were 'password'
  • 150,000 passwords consisted of all-lowercase words
  • 3,000 passwords were '123456'
  • Nick Denton had a password consisting of all numbers

If you've ever made a comment on any of the Gawker sites then your information has likely been compromised as a result of this breach. Also, because so many people reuse the same password on multiple sites, there are reports of a number of Twitter accounts and accounts on other social media sites being compromised as well.

Don't use the same password for everything. This can't be stressed enough. Use a different password for every site. A minor variation on a password you use elsewhere is not a substitute: once one copy is cracked, the first thing a cracker tries is common variations of it.

Slate has rigged up a little widget on their site that claims to check email addresses against the compromised database to see if you're a victim. Find it here: http://www.slate.com/id/2277768/

Written by Redspin Engineer Mark Marshall, aka fulg0re

Web: WWW.REDSPIN.COM  Phone: 800-721-9177  Email: INFO@REDSPIN.COM
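The following Python script is an added example, not part of Redspin's write-up and not code from Gawker or Gnosis. It models the weakness described above: the crypt(3) key derivation is reproduced faithfully (the first 8 characters only, 7 bits of each, plus a 2-character salt), but the DES transform itself is replaced with SHA-256 as a stand-in so the script runs on any Python 3 without the removed `crypt` module. The salts, the sample passwords and the word list are constructed for the example. It shows that a 13-character password and its 8-character prefix hash identically, that the cracked prefix is enough to pass the login check, how a dictionary pass over the reported patterns (top passwords, lowercase words, all digits) recovers most of a sample set, and a stdlib scrypt hash for contrast.

```python
"""Model of the DES-based crypt(3) password scheme, with a dictionary crack
over the password patterns the article reports.

Faithful to crypt(3): only the first 8 characters of the password are used,
and only 7 bits of each, giving a 56-bit DES key; a 2-character salt from a
64-symbol alphabet (12 bits) perturbs the hash.  NOT faithful: the DES
transform is replaced by SHA-256 as a stand-in.  All salts, passwords and
the word list below are constructed for this example, not from any dump.
"""
import hashlib
import hmac
import itertools
import string

SALT_ALPHABET = "./" + string.digits + string.ascii_letters  # 64 symbols, 6 bits each


def des_crypt_key(password: str) -> bytes:
    """Key-schedule input exactly as crypt(3) builds it: the first 8 chars, each
    shifted left one bit (the high bit is dropped, 7 bits survive), zero-padded.
    Everything past character 8 is ignored: that is the truncation in the article."""
    return bytes(((ord(c) & 0x7F) << 1) for c in password[:8].ljust(8, "\0"))


def weak_hash(password: str, salt: str) -> str:
    """crypt(3)-shaped 13-char string: 2-char salt + 11 symbols of digest.
    Stand-in: SHA-256(salt || key) in place of 25 rounds of salt-perturbed DES."""
    assert len(salt) == 2 and all(c in SALT_ALPHABET for c in salt), "bad salt"
    digest = hashlib.sha256(salt.encode() + des_crypt_key(password)).digest()
    n = int.from_bytes(digest[:8], "big")  # 64 bits -> 11 symbols of 6 bits
    out = []
    for _ in range(11):
        out.append(SALT_ALPHABET[n & 0x3F])
        n >>= 6
    return salt + "".join(out)


def login_ok(stored: str, attempt: str) -> bool:
    """How a site checks a login: recompute with the stored salt and compare."""
    return hmac.compare_digest(weak_hash(attempt, stored[:2]), stored)


def candidates(wordlist):
    """Guess order modelled on the patterns Gnosis reported: the two most common
    passwords, a lowercase word list, then all-digit strings (4 digits here to
    keep the demo quick; a real cracker walks every length)."""
    yield "password"
    yield "123456"
    yield from wordlist
    for digits in itertools.product(string.digits, repeat=4):
        yield "".join(digits)


def crack(hashes, wordlist):
    """Offline dictionary attack: each candidate is hashed once per distinct salt,
    which is why a 12-bit salt barely slows a crack of a large dump."""
    by_salt = {}
    for h in hashes:
        by_salt.setdefault(h[:2], set()).add(h)
    found = {}  # hash -> recovered password (at most its first 8 characters)
    for pw in candidates(wordlist):
        for salt, targets in by_salt.items():
            h = weak_hash(pw, salt)
            if h in targets:
                found[h] = pw
    return found


def strong_hash(password: str, salt: bytes) -> bytes:
    """Contrast: memory-hard scrypt (stdlib) over the whole password, no
    truncation, and each guess costs about 16 MiB of memory, not one DES call."""
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)


# Constructed sample "users": salt -> password the user chose.
SAMPLE = {
    "ab": "password",       # the 2,000-strong favourite
    "cd": "123456",         # the 3,000-strong runner-up
    "ef": "sunshine2010!",  # 13 chars, but only "sunshine" reaches the hash
    "gh": "2010",           # all digits, like the founder's
    "ij": "Tr0ub4dor&3",    # on no list; survives this attack
}
WORDLIST = ["monkey", "letmein", "sunshine", "dragon"]  # constructed mini dictionary


def sample_hashes():
    return [weak_hash(pw, salt) for salt, pw in SAMPLE.items()]


def demo():
    found = crack(sample_hashes(), WORDLIST)
    # truncation: the 13-char password and its 8-char prefix hash identically
    assert weak_hash("sunshine2010!", "ef") == weak_hash("sunshine", "ef")
    # and the cracked prefix is enough to log in
    assert login_ok(weak_hash("sunshine2010!", "ef"), "sunshine")
    # scrypt keeps the full password, so the prefix is rejected
    assert strong_hash("sunshine2010!", b"x" * 16) != strong_hash("sunshine", b"x" * 16)
    return found


if __name__ == "__main__":
    for h, pw in demo().items():
        print(h, pw)
```

Running the script cracks four of the five sample hashes; the only survivor is the one password that is neither a top guess, a dictionary word nor all digits. The recovered value for the 13-character password is just "sunshine", which `login_ok` accepts.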