
What happened?
The Web site and back-end database of Gawker were published on the Pirate Bay BitTorrent site on Sunday. The dump included Gawker source code, information about a possible site redesign, instant messages between employees, and about 1.3 million user account passwords, usernames, and e-mail addresses. While the passwords were encrypted using DES (Data Encryption Standard), simple passwords may be vulnerable to a brute-force attack.
Jon Oberheide, chief technology officer at Duo Security, ran a tool called John the Ripper on the passwords and wrote a blog post about some interesting patterns he found. "Attackers will undoubtedly be testing the cracked passwords against both personal and corporate services such as e-mail accounts, online banking sites, VPN remote access logins," he wrote.
Who was affected?
Anybody who registered with any of Gawker's sites--Gawker, Gizmodo, Jezebel, Lifehacker, io9, Jalopnik, Kotaku, Deadspin and Fleshbot--is at risk, unless they logged in using Facebook Connect, according to an FAQ on Lifehacker. The exposed data includes many e-mail addresses of workers at federal, state, and local government agencies, which PBS NewsHour reports appear to have been separated out for possible future attacks.
How do I find out if my personal information is in the data file?
Anyone can download the 500MB file and look for their e-mail address in clear text, but it will take bandwidth and time. HD Moore, chief security officer of Rapid7, created a way for people to easily check whether their information was compromised. He did this by publishing a hash (a fixed-length fingerprint) of each e-mail address instead of the address itself, which protects the addresses' privacy while letting people check whether theirs is on the list. First, you need to create a cryptographic hash of your e-mail address, entered in lowercase, here. Then search for that hash here by clicking on "show options," setting the condition to MD5 = YourHash, and clicking "apply." If you find an entry in the table that matches your MD5 hash, then your Gawker account has been breached. More information is on the Rapid7 blog.
Another site, GawkerCheck.com, lets you check whether your username and/or e-mail address is on the Gawker list by typing it in.
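The check described above, as an added example that is not part of the original article or of Rapid7's tool: lowercase the e-mail address, take its MD5 digest, and look that digest up in a list of published hashes. The hash list here is constructed inline from made-up addresses, standing in for the real list the article refers to.

```python
import hashlib

def email_to_md5(address: str) -> str:
    """Normalize an e-mail address (strip whitespace, lowercase) and return its hex MD5.

    Lowercasing matters: the published hashes were made from lowercase addresses,
    and MD5("Alice@Example.com") != MD5("alice@example.com").
    """
    normalized = address.strip().lower()
    return hashlib.md5(normalized.encode("utf-8")).hexdigest()

def load_hash_list(lines) -> set:
    """Parse a hash list, one hex digest per line; blank lines and '#' comments are skipped."""
    hashes = set()
    for line in lines:
        line = line.strip().lower()
        if not line or line.startswith("#"):
            continue
        if len(line) != 32 or any(c not in "0123456789abcdef" for c in line):
            raise ValueError(f"not a 32-hex-digit MD5 digest: {line!r}")
        hashes.add(line)
    return hashes

def is_listed(address: str, hash_list: set) -> bool:
    """True if the MD5 of the normalized address appears in the published list."""
    return email_to_md5(address) in hash_list

# Constructed sample list (hypothetical addresses, not data from the breach).
# A real check would read these lines from the downloaded hash file instead.
SAMPLE_HASH_FILE = "\n".join([
    "# MD5 digests of lowercased e-mail addresses (constructed sample)",
    hashlib.md5(b"alice@example.com").hexdigest(),
    hashlib.md5(b"bob@example.org").hexdigest(),
    "",
])
SAMPLE_HASH_LIST = load_hash_list(SAMPLE_HASH_FILE.splitlines())

if __name__ == "__main__":
    for addr in ["Alice@Example.com", "carol@example.net"]:
        status = "LISTED" if is_listed(addr, SAMPLE_HASH_LIST) else "not listed"
        print(f"{addr:<20} {email_to_md5(addr)}  {status}")
```

Publishing hashes instead of addresses keeps the list from being read casually, but it is not a strong privacy guarantee: e-mail addresses are guessable, and anyone holding a list of candidate addresses can hash them the same way and compare, which is exactly what the check itself does.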
Deciding that Gawker posting warnings about the breach on its sites wasn't adequate notice, some people on the Hacker News site began contacting e-mail addresses on the list themselves, according to the Media Mob blog.
What should I do now if my password was among those in the file?
If you used that same password on any other sites you should immediately change it there. Experts recommend not changing the password on the Gawker site until administrators there have completely fixed the security issues.
I don't use that site so I'm safe, right?
You might be safe from having your information exposed in this particular attack, but these types of breaches happen every day so you should be careful what passwords you choose and follow some basic precautions. For instance, don't use the same password at multiple sites. Create a unique password for every site you log into. That way your other accounts won't be impacted. This may have already posed a problem for some Gawker users. A Twitter representative attributed spamming on Twitter on Sunday to people having the same password for both sites.
It's very important to choose strong passwords. Passphrases, sequences of words, or other longer text are harder to crack than short passwords because of their length. Mixing in uppercase and lowercase letters, and using numbers and symbols, greatly increases the strength of the password or passphrase. More tips for choosing strong passwords can be found here. Information about password managers is here. And you can test the strength of a potential password at this Microsoft Web site.
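The strength argument above can be made concrete with a rough entropy estimate. This is an added example, not code from the article or from any of the strength-checking sites it links to; it uses the common approximation entropy = length x log2(pool size), and a hypothetical 7776-word list for the passphrase case. The sample passwords are constructed.

```python
import math
import string

# Character pools used by the charset-based estimate (an assumption: 33 covers
# ASCII punctuation plus the space character).
POOLS = [
    (set(string.ascii_lowercase), 26),
    (set(string.ascii_uppercase), 26),
    (set(string.digits), 10),
    (set(string.punctuation + " "), 33),
]

def estimate_entropy_bits(password: str) -> float:
    """Charset-based estimate: length * log2(size of the union of character classes used).

    This models an attacker who must try every string over the classes present,
    so it overestimates for dictionary words but still shows the effect of length
    versus character mix, which is the point being made above.
    """
    if not password:
        return 0.0
    pool = 0
    for chars, size in POOLS:
        if any(c in chars for c in password):
            pool += size
    if pool == 0:
        pool = 1  # only characters outside the known classes; treat as one symbol
    return len(password) * math.log2(pool)

def passphrase_entropy_bits(word_count: int, dictionary_size: int = 7776) -> float:
    """Word-based estimate for a passphrase of words chosen at random from a list.

    Assumes the attacker knows the list, so each word contributes log2(dictionary_size)
    bits; 7776 is a hypothetical list size used here for illustration.
    """
    if word_count <= 0 or dictionary_size <= 1:
        return 0.0
    return word_count * math.log2(dictionary_size)

def compare(candidates):
    """Return {candidate: bits} for constructed sample passwords, rounded to 0.1."""
    return {c: round(estimate_entropy_bits(c), 1) for c in candidates}

if __name__ == "__main__":
    samples = ["password", "Tr0ub4dor&3", "correct horse battery staple"]
    for pw, bits in compare(samples).items():
        print(f"{bits:6.1f} bits  {pw}")
    print(f"{passphrase_entropy_bits(4):6.1f} bits  4 random words, attacker knows the list")
```

The four-word passphrase scores lower under the word-based estimate (the attacker knows the word list) than under the charset estimate, yet still beats the eight-letter lowercase password either way; adding character classes raises the per-character contribution, while adding length multiplies it.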
Who did this?
A group calling itself "Gnosis" appears to be behind the attack. The name could refer to an operating system from the 1970s from a company called Tymshare or to the dictionary definition pertaining to knowledge of spiritual matters. There isn't much information available about the group.
Why was Gawker targeted?
Gawker said in July that it was targeted in a denial-of-service attack by people associated with the notorious Internet prankster group called 4chan after reporting that the group had harassed an 11-year-old girl. Although the Gnosis group said in the file it uploaded to the Internet that it is not 4chan, it praised 4chan, as well as Anonymous, a loose group of WikiLeaks supporters who have been orchestrating denial-of-service attacks on Visa, PayPal and others who have cut off the whistleblower project. Among the information released by the group were what appeared to be instant message chats between Gawker employees discussing 4chan. In the messages the participants suggest possible headlines such as "Suck on This, 4Chan," "Nick Denton (Gawker founder) Says Bring It On 4Chan, Right to My Home Address (After The Jump)" and "We Are Not Scared of 4chan Here at 210 Elizabeth St NYNY 10012."
"We went after Gawker because of their outright arrogance," a source claiming to be from Gnosis told the blog Mediaite. "We have had access to all of their emails for a long time as well as most of their infrastructure powering the site. Gawkmedia has possibly the worst security I have ever seen. It is scary how poor it is. Their servers run horribly outdated kernel versions, their site is filled with numerous exploitable code and their database is publicly accessible."
Asked for comment via e-mail, Denton replied: "We're saving our responses for commenters, who are the people directly affected, after all. You can find some of mine in http://gawker.com/tag/crosstalk."
Forbes has a fascinating article filled with details on how the attack was done that every Web site owner should read. Article from news.cnet.com.