Hackers Offer Stolen CNET Database for Bitcoin in Publicity Stunt

Russian hacking group wOrm, which managed to steal CNET’s user database, offered to sell the information for 1 BTC.

AccessTimeIconJul 16, 2014 at 1:20 p.m. UTC
Updated Sep 11, 2021 at 10:59 a.m. UTC

A group of Russian hackers that managed to steal CNET’s user database has made that information available for bitcoin, in what seems like a publicity stunt.

The group, which calls itself 'wOrm', says the database contains the accounts of more than a million users, including their usernames, emails, passwords and other information.

The asking price for the source code and the database was 1 BTC, roughly $615 at the time of writing. However, CNET was later told that the group has no plans to decrypt the passwords or to complete the sale of the database.

The offer, which was apparently made to gain attention for the group's "altruistic" work, was quickly rescinded. WOrm has previously carried out similar attacks on websites belonging to the BBC, Adobe Systems and Bank of America.

CNET admits breach

CNET confirmed the attack and admitted that several servers were accessed and compromised. The security flaw that allowed the breach has since been patched, but the hackers managed to steal a significant amount of data before the attack was detected and addressed.

The hackers say they exploited a hole in CNET’s implementation of the Symfony PHP framework. Although the group initially offered to sell the database, it insists its main motivation is security awareness.

"We are driven to make the Internet a better and safer [place] rather than a desire to protect copyright. I want to note that the experts responsible for bezopastnost [security] in cnet very good work but not without flaws," a wOrm member told CNET via twitter.

No cause for alarm?

CNET has not advised its users to change their passwords yet, as the compromised passwords were encrypted and wOrm has stated it will not try to decrypt them.

Web security expert Robert Hansen agrees CNET readers are not at risk. He points out that the hackers were careful not to reveal the “full path to the actual exploit” and that it informed the public of the attack.

"It definitely can feel like a slap in the face to an organization to be hacked, but in reality, most of the time in circumstances like this it's actually a good thing," Hansen said.

Hacker image via Shutterstock


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Learn more about Consensus 2024, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.