One of the world’s most popular technology review websites CNET had to clean a Russian hacker out of some of its servers over the weekend. A Twitter user going by the name of w0rm and the handle @rev-priv8 posted an image of their access to a CNET.com server, with a screenshot of a shell proving they had compromised the site.
CNET isn’t saying much at the minute about the nature of the attack or the data that may or may not have been stolen. “Here’s the situation, a few servers were accessed. We identified the issue and resolved it yesterday. We will continue to monitor,” said Jen Boscacci, senior manager of corporate communications at CNET, on Sunday.
The image posted by the hacker would indicate they could access and upload files to the website. It’s pretty difficult to say how they did it, though. One source suggested it was likely a content management system breach – something like a WordPress or Joomla exploit.
With hope, no user data such as usernames or passwords were compromised, but CNET wouldn’t provide any more detail than that above.
A look over the aforementioned Twitter account, however, provides some information on the history of the hacker, who is likely Russian. They appeared to have been involved in a breach of the BBC last year and have been running a website where members can show off their exploits, w0rm (dot) pw.
Whoever they are, they can now brag about attacks on two of the biggest media organisations in the world, even if they haven’t managed to access particularly sensitive data.
This story will be updated as soon as more information becomes available.