Gawker Hack Prompts FBI Investigation
The FBI is initiating an investigation of the Gawker Media hack that exposed the passwords of more than 200,000 account holders to hackers over the weekend.
Federal investigators were scheduled to meet with Gawker Media CEO Nick Denton on Tuesday to discuss a massive brute force attack instigated by the hacker group Gnosis, whose members stole an estimated 1.3 million usernames and passwords, and published e-mail addresses for more than 200,000 registered users, according to the New York Post.
The attack also affected Gawker's corporate servers, which gave Gnosis access to Gawker staff account information as well as source code and IM chat logs between employees, according to The Next Web.
Gawker account holders who used the same password for their Twitter account were then pummeled with a massive spam campaign soliciting an Acai berry diet product.
With about 1.5 million registered users, Gawker Media is one of the most successful media and blog outlets, overseeing tech, political and popular culture blogs such as Gizmodo, Lifehacker, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin and Fleshbot.
The sites halted production of new material on Sunday and instead urged employees and users to change their passwords. However, users had no way to disable their accounts altogether.
"We're deeply embarrassed by this breach," Gawker's Denton apologized in a blog post Monday. Denton also advised users to immediately change their passwords, both on Gawker sites and on other accounts that use the same credentials. Although the passwords were encrypted, Denton warned that the brute force attack might expose simple ones.
Gawker temporarily disabled Facebook Connect servers, but maintained that it never stored Twitter account passwords. Denton told the New York Post that the site needed to "improve our internal procedures for the sharing of administrative passwords. And improve the encryption of passwords in case the user database is ever compromised."
The hacking group Gnosis, which took responsibility for the attack, told the Mediaite blog that they went after Gawker Media because of its "outright arrogance."
"We considered what action we would take, and decided that the Gawkmedia 'empire' needs to be brought down a peg or two. Our group's mission? We don't have one," the group said, adding that they planned to publish the full source code by 9 p.m. GMT.
A brute force attack bombards servers with numerous combinations of passwords until there's a match, essentially "guessing" the correct password by process of elimination. Such guessing succeeds quickly when users choose weak passwords, and some of the most common passwords among Gawker account holders included "123456" and "password," according to The Wall Street Journal.
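The two weaknesses the article points at, trivial passwords such as "123456" and password storage that does not hold up once the user database leaks, can both be addressed at signup and at storage time. The following is an added illustration, not Gawker's code: it rejects a small constructed blocklist of common passwords and stores the rest as a salted PBKDF2-SHA256 digest so that each offline guess costs the attacker real CPU time (the blocklist entries beyond the two quoted in the article and the iteration count are assumptions).

```python
import hashlib
import hmac
import os

# Constructed sample of commonly chosen passwords: the two quoted in the
# article plus a few assumed entries standing in for a real blocklist.
COMMON_PASSWORDS = {"123456", "password", "12345678", "qwerty", "letmein"}
PBKDF2_ITERATIONS = 200_000  # assumed work factor; tune to the hardware in use


def is_weak(password: str) -> bool:
    """A password a brute-force guesser would hit almost immediately."""
    return len(password) < 8 or password.lower() in COMMON_PASSWORDS


def hash_password(password: str) -> tuple[bytes, bytes]:
    """Return a random per-user salt and a slow salted PBKDF2-SHA256 digest.

    The salt stops one guess from being checked against every user at once,
    and the iteration count makes each guess cost the attacker real CPU time.
    """
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    """Recompute the digest for a login attempt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return hmac.compare_digest(candidate, digest)


def register(password: str) -> tuple[bytes, bytes]:
    """Reject weak choices at signup; otherwise return (salt, digest) to store."""
    if is_weak(password):
        raise ValueError("password is too short or too common")
    return hash_password(password)


if __name__ == "__main__":
    for pw in ("123456", "password", "correct-horse-battery"):
        try:
            salt, digest = register(pw)
            print(f"{pw!r}: accepted, verifies={verify_password(pw, salt, digest)}")
        except ValueError as err:
            print(f"{pw!r}: rejected ({err})")
```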