Share this article
Hackers Offer Stolen CNET Database for Bitcoin in Publicity Stunt
Russian hacking group wOrm, which managed to steal CNET’s user database, offered to sell the information for 1 BTC.
Updated Sep 11, 2021, 10:59 a.m. Published Jul 16, 2014, 1:20 p.m.
Make us preferred on Google
A group of Russian hackers that managed to steal CNET’s user database has made that information available for bitcoin, in what seems like a publicity stunt.
The group, which calls itself 'wOrm', says the database contains the accounts of more than a million users, including their usernames, emails, passwords and other information.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
The asking price for the source code and the database was 1 BTC, roughly $615 at the time of writing. However, CNET was later told that the group has no plans to decrypt the passwords or to complete the sale of the database.
The offer, which was apparently made to gain attention for the group's "altruistic" work, was quickly rescinded. WOrm has previously carried out similar attacks on websites belonging to the BBC, Adobe Systems and Bank of America.
CNET admits breach
CNET confirmed the attack and admitted that several servers were accessed and compromised. The security flaw that allowed the breach has since been patched, but the hackers managed to steal a significant amount of data before the attack was detected and addressed.
The hackers say they exploited a hole in CNET’s implementation of the Symfony PHP framework. Although the group initially offered to sell the database, it insists its main motivation is security awareness.
"We are driven to make the Internet a better and safer [place] rather than a desire to protect copyright. I want to note that the experts responsible for bezopastnost [security] in cnet very good work but not without flaws," a wOrm member told CNET via twitter.
No cause for alarm?
CNET has not advised its users to change their passwords yet, as the compromised passwords were encrypted and wOrm has stated it will not try to decrypt them.
Web security expert Robert Hansen agrees CNET readers are not at risk. He points out that the hackers were careful not to reveal the “full path to the actual exploit” and that it informed the public of the attack.
"It definitely can feel like a slap in the face to an organization to be hacked, but in reality, most of the time in circumstances like this it's actually a good thing," Hansen said.
Hacker image via Shutterstock
More For You
Pudgy Penguins is building a multi-vertical consumer IP platform — combining phygital products, games, NFTs and PENGU to monetize culture at scale.
What to know:
Pudgy Penguins is emerging as one of the strongest NFT-native brands of this cycle, shifting from speculative “digital luxury goods” into a multi-vertical consumer IP platform. Its strategy is to acquire users through mainstream channels first; toys, retail partnerships and viral media, then onboard them into Web3 through games, NFTs and the PENGU token.
The ecosystem now spans phygital products (> $13M retail sales and >1M units sold), games and experiences (Pudgy Party surpassed 500k downloads in two weeks), and a widely distributed token (airdropped to 6M+ wallets). While the market is currently pricing Pudgy at a premium relative to traditional IP peers, sustained success depends on execution across retail expansion, gaming adoption and deeper token utility.
More For You
Robinhood CEO says tokenized stocks could prevent another GameStop freeze
Vlad Tenev blamed the trading halt on its app in 2021 on bad infrastructure, a problem that he says tokenization would solve.
What to know:
- Robinhood CEO Vlad Tenev says the 2021 GameStop trading halt was caused by slow, collateral-intensive settlement infrastructure, rather than bad actors.
- Tenev argues that even the shift from T+2 to T+1 settlement is insufficient in a 24/7 news-and-trading environment, especially for trades executed on Fridays.
- He is pushing to move stocks onto blockchains for real-time settlement, expand Robinhood’s tokenized stock offerings and 24/7 DeFi-style trading, and urge Congress to pass the CLARITY Act to force the SEC to issue rules on tokenized equities.
Top Stories
