Far Worse Than Previously Thought: Gawker Content Management System Hacked

by Colby Hall | 4:24 pm, December 12th, 2010

» 25 comments

Earlier today Gawker confirmed earlier reports that their commenter system had been hacked. Now we know that the security breach is much worse – the Content Management System also appears to have been compromised as well.The following story was recently published on Gawker, and the current editor Adrian Chen just announced via Twitter “FYI: That post linking to a torrent of our source code was not written by me. We’ve been hacked.” Update: the fake post published by the hacker has ~~been removed from the site~~ is back up!

The text of the post reads:

We have discovered various copies of our source code available for download from HERE.
We ask you to NOT download this, as this WILL infringe our copyright.

On the one hand, please know that we at Gawker Media take your information VERY seriously, all user data is protected and looked after in accordance with our policy.

However, we do not believe our data has been compromised, so please relax on that front.

We protect our data with UNIX Standard hash encryption method crypt(3), which is absolutely 100% impossible to crack.

We follow the most stringent, industry standard, methods in order to ensure the integrity and safety of your data. We hope that despite the full disclosure of GANJA, we still hold our iron grip on our data.

Due to the leak of the GANJA framework from within our company, we have entered into the process of complete code review to enhance and enforce our privacy policy.

The link leads to a Pirate Bay page where it appears users are able to download the leaked database of Gawker commenters. A screen cap of that page (the text of which follows):

So, here we are again with a monster release of ownage and data droppage.
Previous attacks against the target were mocked, so we came along and raised the bar a little.
Fuck you gawker, hows this for “script kids”?
Your empire has been compromised, Your servers, Your database’s, Online accounts and source
code have all be ripped to shreds!
You wanted attention, well guess what, You’ve got it now!

Contents:

./database
– Database dump (1.3+ million rows), including cracked passwords.
./source
– Source dump
./gawker_redesign_beta.jpg
– Upcoming redesign
./readme.txt
– Read this for some background info and lots of juicy passwords
./server_list.txt
– List of gawker server kernel versions.

While we have already stated we are not 4chan or anonymous, these quotes amuse us:
Brian M.
The headeline of your post should be “Suck on This, 4Chan”
Maureen O.
I like the call to make today Everybody Write About 4chan Day
Hamilton N.
Nick Denton Says Bring It On 4Chan, Right to My Home Address (After The Jump)
Ryan T.
We Are Not Scared of 4chan Here at 210 Elizabeth St NY NY 10012

– #Gnosis, where is your god now? —

Gawker, Gawker Hacked, Gawker Media, Gnosis

Fox News: Better that we sell Hate than Crack

OMG! This might mean these hackers could hijack the multiple sock puppets used by commenters here at Mediatie.
iris

Yeah what would these rightwing losers do who spend all their waking hours here, especially MichelleF
Why she might actually have to pay attention to the kid for once!
DavidB

Hash encryption? GANJA framework?
Sounds like getting high to me.
skyfet

Am I suppose to feel sorry? ahhhhhhhhh
ModerateMan

Looks like they hacked Mediaite as well:

Username: gordonbloyershow
Password: CorpseOfReagan2012

Username: The Real Royal King
Password: smarterthanyou
piratevodka

If their passwords were properly encrypted, they wouldn’t need to be changed at all.
http://www.squidoo.com/lauriebethsgrotto Laurie Beth

I am quite entertained by this whole thing.
Just4thefax

Fact: Only liberals be afraid be very afraid!
fgjkuilu

★★★★★★==== http://yep.it/fyphgj ====★★★★★★

T “Christmas” preferential KuangHuanYe, merry Christmas, my friend!! Christmas is coming, and our website shopping there will be something different, unexpected things to you, let you have a different feeling!!!

Come on, to buy things to shopping right, Price inexpensive beautiful,

Christan Audigier bikini $23

Ed Hardy Bikini $23

Smful short_t-shirt_woman $15

ed hardy short_tank_woman $16

Sandal $32

Will bring you different surprise:

Sunglass $15

COACH_Necklace $27

handbag $33

AF tank woman $17

puma slipper woman $30

handbag $33

AF tank woman $17

puma slipper woman

╭⌒╭⌒ ★ ╮╭⌒╮～╭⌒
☆ ╭⌒╮ ╭★⌒★★★★★★
★∴ ☆ ☆☆☆☆☆☆★☆☆☆
╭⌒╮⌒╮★∵╭⌒ ★∴★ ☆
╱◥██◣ ☆★★★★★★==== http://yep.it/fyphgj ====★★★★★★
｜田｜田田│ ☆ ★
╬╬╬╬╬╬╬╬╬╬╬
felixw

I think the Mediaite site was hit too. That’s why there is no news story on this site about the $16 billion secret bailout from the Fed for MSNBC’s parent company reported two weeks ago in the Washington Post. Everyone knows that a reputable web site covering the media could hardly ignore this story, so the only explanation is that hackers took control of the site and deleted the the biggest story of the year.
http://www.facebook.com/people/Jon-Martin/43100610 Jon Martin

felixw said:
I think the Mediaite site was hit too. That’s why there is no news story on this site about the $16 billion secret bailout from the Fed for MSNBC’s parent company reported two weeks ago in the Washington Post. Everyone knows that a reputable web site covering the media could hardly ignore this story, so the only explanation is that hackers took control of the site and deleted the the biggest story of the year.

If you’d really like to go back and go over expenses.. what about all the no-contract deals Bush gave Haliburton?
Just4thefax

Jon Martin said:
If you’d really like to go back and go over expenses.. what about all the no-contract deals Bush gave Haliburton?

Fact: Wake up blame it on Bush is out of style! Get modern like democrats took a shellacking November 2nd! that’s a fact!
constable80

Just4thefax said:
Fact: Wake up blame it on Bush is out of style! Get modern like democrats took a shellacking November 2nd! that’s a fact!

What teabaggers won? The witch and the freak in Alaska lost huge.
felixw

Jon Martin said:
felix

What a joke. You simply can’t compare open and public government contracts with Halilburton — which were amply covered in the media, and never kept secret — with $16 billion in secret cash bailout money to MSNBC’s parent, which has been covered up in the media. No comparison , my friend. And the unwillingness to mention this huge story is without a doubt the lowest point in Mediaite’s history
Rescuedog

felixw said:
I think the Mediaite site was hit too. That’s why there is no news story on this site about the $16 billion secret bailout from the Fed for MSNBC’s parent company reported two weeks ago in the Washington Post. Everyone knows that a reputable web site covering the media could hardly ignore this story, so the only explanation is that hackers took control of the site and deleted the the biggest story of the year.

Or, Dan Abrams forbade any Mediaite coverage of this topic, as it would jeopardize his cushy sinecure with NBC as its “Chief Legal Analyst”.
Rescuedog

“We ask you to NOT download this, as this WILL infringe our copyright.”

What a joke. I’m glad to see Gawker Media for the first time ever cares about copyright law now that their rights are being infringed.
marcus.lewis

felixw said:
What a joke. You simply can’t compare open and public government contracts with Halilburton — which were amply covered in the media, and never kept secret — with $16 billion in secret cash bailout money to MSNBC’s parent, which has been covered up in the media. No comparison , my friend. And the unwillingness to mention this huge story is without a doubt the lowest point in Mediaite’s history

You also can’t say that GE got that contract because of MSNBC. GE can’t wait to get rid of its TV property that way it distances itself from the partisan hackery, and hope that even less people look at all the corrupt dealings GE does with foreign governments.
hu1234

Good news: this website === http://bingstore.us ===

we has been updated and add products and

many things they abandoned their increases

are welcome to visit our website.

Accept cash or credit card payments, free transport.

You can try oh, will make you satisfied.

===== http://bingstore.us======
erincnyc

Perhaps using that image of the child with Down Syndrome is in poor taste.
Helix

Total hack of Gawker, wonder how many back doors they left, bet when the passwords were changed, GNOSIS keylogged the new ones. Once your source code is hacked, well, they could have done much worse than a couple of fake posts. LOLOL(OL(OLOLLOOLLOOLLLL ROFLMAO. What a shame, couldn’t have happened to more deserving people.
An image of a child with Down’s syndrome is really quite gentle for the hackers….there is a lot of far more offensive and illegal content that could have been placed once you have the source.
Helix

Rescuedog said:
“We ask you to NOT download this, as this WILL infringe our copyright.”

What a joke. I’m glad to see Gawker Media for the first time ever cares about copyright law now that their rights are being infringed.

That was the hacker post, not really gawker. Standard admin fake….Think about it, why would Gawker include the link to piratebay? That’s the hacker subtly showing off.
Just4thefax

Fact: Disinformation is intentionally false or inaccurate information that is spread deliberately. It is synonymous with and sometimes called black propaganda. It may include the distribution of forged documents, manuscripts, and photographs, or spreading malicious rumors and fabricated intelligence. Disinformation should not be confused with misinformation, information that is unintentionally false.In espionage or military intelligence, disinformation is the deliberate spreading of false information to mislead an enemy as to one’s position or course of action. Might have a few rumors in the fog of deception to hide the real truth of leaked matterials here. Just saying?
Britney

Click on our website:

★★★★★★==== http://tld30.com/?Inmb92 ====★★★★★★

★★★★★==== http://tld30.com/?Inmb92 ====★★★★★

★★★★==== http://tld30.com/?Inmb92 ====★★★★

T “Christmas” preferential KuangHuanYe, merry Christmas, my friend!! Christmas is coming, and our website shopping there will be something different, unexpected things to you, let you have a different feeling!!!

Come on, to buy things to shopping right, Price inexpensive beautiful,

Christan Audigier bikini $23

Ed Hardy Bikini $23

Smful short_t-shirt_woman $15

ed hardy short_tank_woman $16

Sandal $32

Will bring you different surprise:

Sunglass $15

COACH_Necklace $27

handbag $33

AF tank woman $17

puma slipper woman $30

handbag $33

AF tank woman $17

puma slipper woman

╭⌒╭⌒ ★ ╮╭⌒╮～╭⌒
☆ ╭⌒╮ ╭★⌒★★★★★★
★∴ ☆ ☆☆☆☆☆☆★☆☆☆
╭⌒╮⌒╮★∵╭⌒ ★∴★ ☆
╱◥██◣ ☆★★★★==== http://tld30.com/?Inmb92 ====★★★★★★
｜田｜田田│ ☆ ★★★★★★★==== http://tld30.com/?Inmb92 ====★★★★
╬╬╬╬╬╬╬╬╬╬╬☆ ★★★★★★=== http://tld30.com/?Inmb92 ==★★★★
KiKi

Couldn’t happen to a nicer group of clowns.
HA HA HA!
The ReaI Royal King

ModerateMan said:
Looks like they hacked Mediaite as well: Username: gordonbloyershowPassword: CorpseOfReagan2012 Username: The Real Royal KingPassword: smarterthanyou

You’re a regular genius, Kumquat. That being said, I am smarter than you and everyone else here. You’re lucky to share in my wisdom on a daily basis.

All woman want me and all men want to be me. However, nothing equals the pleasure that I can administer to myself..