Hacker claims breach of Wall Street Journal and Vice websites, punts 'user data' for sale

Also supposedly hit a gadgets site called 'CNET'


A hacker known for attacking news websites has claimed successful hacks against both the Wall Street Journal and Vice.

An individual going under the handle "w0rm" posted screenshots in a bid to substantiate his claims of hacks against the WSJ (here) and Vice (here) before offering to sell stolen databases from both publications for 1 BTC apiece ($620).

These screenshots appear to show extracted strings from stolen databases with users' credentials.

w0rm's hack claims are credible but unconfirmed, according to El Reg's security sources.

We invited the Wall Street Journal and Vice to comment on the reported hacks but are yet to hear back. We'll update this story as and when we hear more.

Comment

Last weekend hackers hijacked the Wall Street Journal’s Facebook page to falsely claim that Air Force One had gone missing over Russian airspace, a claim likely to spook the US public especially in the wake of the unfolding MH17 shot-down airline disaster in eastern Ukraine. It's unclear whether or not the two incidents are linked.

The whole security flap follows just days after w0rm claimed responsibility for an attack against a gadget website named CNET, a claim he followed up with an offer to flog off a CNET database supposedly containing one million usernames, passwords and email addresses. He also offered to sell the website's operators a protection system.

The hack was reportedly pulled off by exploiting flaws in the Symfony PHP framework used by the CNET site.

The CNET team downplayed the incident, saying only a "few servers were accessed" and the problem was quickly contained and resolved.

"We identified the issue and resolved it a few days ago," a spokesman told El Reg. "We continue to monitor and are investigating for any potential impact."

w0rm was previously linked to a high-profile hack against the BBC last December. He previously used nicknames including "rev0lver" or "rev", according to El Reg's sources.

The hacker is thought to be primarily financially motivated. He trades stolen databases with other cybercriminals and spammers through underground forums. w0rm is also thought to have a finger in the murky world of computer exploit sales. ®

Similar topics

Broader topics


Other stories you might like

  • Israeli air raid sirens triggered in possible cyberattack
    Source remains unclear, plenty suspect Iran

    Air raid sirens sounded for over an hour in parts of Jerusalem and southern Israel on Sunday evening – but bombs never fell, leading some to blame Iran for compromising the alarms. 

    While the perpetrator remains unclear, Israel's National Cyber Directorate did say in a tweet that it suspected a cyberattack because the air raid sirens activated were municipality-owned public address systems, not Israel Defense Force alarms as originally believed. Sirens also sounded in the Red Sea port town of Eilat. 

    Netizens on social media and Israeli news sites pointed the finger at Iran, though a diplomatic source interviewed by the Jerusalem Post said there was no certainty Tehran was behind the attack. The source also said Israel faces cyberattacks regularly, and downplayed the significance of the incident. 

    Continue reading
  • Hackers weigh in on programming languages of choice
    Small, self-described sample, sure. But results show shifts over time

    Never mind what enterprise programmers are trained to do, a self-defined set of hackers has its own programming language zeitgeist, one that apparently changes with the wind, at least according to the relatively small set surveyed.

    Members of Europe's Chaos Computer Club, which calls itself "Europe's largest association of hackers" were part of a pool for German researchers to poll. The goal of the study was to discover what tools and languages hackers prefer, a mission that sparked some unexpected results.

    The researchers were interested in understanding what languages self-described hackers use, and also asked about OS and IDE choice, whether or not an individual considered their choice important for hacking and how much experience they had as a programmer and hacker.

    Continue reading
  • Stolen-data market RaidForums taken down in domain seizure
    Suspected admin who went by 'Omnipotent' awaits UK decision on extradition to US

    After at least six years of peddling pilfered personal information, the infamous stolen-data market RaidForums has been shut down following the arrest of suspected founder and admin Diogo Santos Coelho in the UK earlier this year.

    Coelho, 21, who allegedly used the mistaken moniker "Omnipotent" among others, according to the US indictment unsealed on Monday in the Eastern District of Virginia, is currently awaiting the outcome of UK legal proceedings to extradite him to the United States.

    The six-count US indictment [PDF] charges Coelho with conspiracy, access device fraud, and aggravated identity theft following from his alleged activities as the chief administrator of RaidForums, an online market for compromised or stolen databases containing personal and financial information.

    Continue reading

Biting the hand that feeds IT © 1998–2022