Gawker Media Hacked By New Hacker Group Gnosis: It’s Not Over Yet

derpgawker 0 Gawker Media Hacked By New Hacker Group Gnosis: Its Not Over YetOver the weekend, Gawker Media suffered a major cyber attack, prompting what must be the most earnest, snark-free post the site has ever published. “We understand how important trust is on the internet,” the post reads, “and we’re deeply sorry for and embarrassed about this breach of security—and of trust.” 

While many commenting about the breach on Twitter and various blogs were quick to blame the shadowy Anonymous and Gawker’s nemesis, the ever-anarchic 4Chan, the soon-to-be legendary Gawker hack may have marked the rise of a new, formidable cyber terror against Gawker’s avatars of gossip—a bravura group of hackers who call themselves “Gnosis.”

“Gnosis” uploaded megabyte upon megabyte of sensitive Gawker user and author-related content to a torrent site, then topped off Nick Denton’s sorry Sunday with a nasty cherry of a blog post published on Gawker.com, via editor Adrian Chen’s compromised account. The hacker-authored post pointed puzzled Gawker readers to the torrent page where they were greeted by a triumphant message from Gnosis, which read in part:

Previous attacks against the target were mocked, so we came along and raised the bar a little.

Fuck you gawker, hows this for “script kids”?

Your empire has been compromised, Your servers, Your database’s, Online accounts and source code have all be ripped to shreds! You wanted attention, well guess what, You’ve got it now!

Based on the claims made by Gnosis both in communication with sites like Mediaite and The Next Web, in particular (contacting Mediaite, a direct Gawker competitor, was surely a slam in its own right), the breach was truly huge:

  • The user information–passwords, emails and user names–for 1.3 million Gawker Media site commenters. A remarkable number of the passwords were set aside in a text file all their own owing to their simplicity and ridiculous insecurity; apparently a lot of Gawker commenters have been fond of using “password” or worse, “QWERTY” to secure their accounts. Also found in the user data: numerous password and email combos in which the email addresses ended in .mil or .gov–a potential route to serious cyber sabotage at the government level if there ever was one.
  • A good deal of Gawker Media owner Nick Denton’s information, including logins, URLs and a password the hackers state Denton “likes to use… everywhere.” Notes included with the information uploaded to The Pirate Bay (a known safe haven for files used hackers worldwide) gave Denton’s complete login information to his Gawker email account, Twitter, and Campfire, a real-time chat program used by Gawker staff to collaborate and chat about works in progress.
  • What appears to be the login information for several Gawker staff and editors present and past, including former staffers Alex Pareene and Choire Sicha.
  • Login information for file transfer sites as well as the Gawker login data for paywall-locked articles in the Wall Street Journal, gleaned from Campfire chat logs.

In the “Read Me” file attached to Gawker’s stolen data, Gnosis quoted an alleged Campfire chat exchange between Gawker editors that gave a hint about the hackers’ motivations. It read, in part:

Maureen O. it appears that there is dissent among the 4channers as to whether 4chan’s attack on us means 4chan is pathetic and unscary now.

Richard L.
“this is ryan tate… reporting live… from the 4chan attack…
casualties here are high… richard lawson has been keening for
over an hour, tearing at his hair and clothing… the air is
thick with smoke…” you’ll win a pulitzer!

Hamilton N.
be sure to point out that they are dorks for doing that.

Jim N.
I really hate the fucking internet. carry on!

Hamilton N.
Jim you should make an angry video response.

Brian M.
10 Things 4Chan Users Should Do Rather than Attack Us

Hamilton N.
tell em what’s what.

Brian M.
that’s what I would write

Jim N.
“fuck all of this, I’m going Luddite”

Ryan T.
when my personal webserver goes down I am blaming all of you

Ryan T.
no wait, I already do

Ryan T.
how long did we go down for? (TWSS amirite hamno?)

Ryan T.
srsly though, anyone remember? or was it just slooowwwww

Maureen O.
i don’t think we actually went down — slowed a little, but not much?

Ryan T.
cool

Brian M
.
The headeline of your post should be “Suck on This, 4Chan”

Maureen O.
I like the call to make today Everybody Write About 4chan Day

Hamilton N.
Nick Denton Says Bring It On 4Chan, Right to My Home Address (After The Jump)

Ryan T.
We Are Not Scared of 4chan Here at 210 Elizabeth St NY NY 10012

Richard L.
don’t forget Fourth Floor

In an email exchange with Mediaite’s Colby Hall, Gnosis stated, “We don’t like being lumped with 4chan though, but I guess it was inevitable. People on twitter are saying ‘4chan’s Gnosis hacked Gawker’.” The quoted Campfire chat, however, seems to indicate that Gawker’s attitude towards the wild and woolly forum was a strong motivation for Gnosis’s actions.

Gawker’s response to the crisis, published on its flagship site, was brief, rueful, and to the point. In this post, Gawker Management expressed embarrassment and noted that “yes, the irony is not lost on us.” Comments were not enabled.

A subject of real contention for longtime Gawker readers discussing the hack on sites like Tumblr and Twitter appeared to be a Campfire exchange documented in a screen capture given to The Village Voice’s “Runnin’ Scared”

%name Gawker Media Hacked By New Hacker Group Gnosis: Its Not Over Yet

Screencap via Village Voice

The exchange was likely joking and referencing an alleged hack that took place last summer. That didn’t stop some Twitter users from making a lot out of Richard Lawson’s use of the word, “peasants.” Blogger Ben Domenech, who has had his own brief moment in the Gawker sun, tweeted a pretty typical response: “Gawker reaction to 1.5 million people’s username/passwords being compromised: they’re just ‘peasants.’ http://bit.ly/eL62NC.”

In the larger context of the overall attack, the Campfire chat was just one more lightning bolt in a PR storm that is likely to be felt in its fullest fury at Gawker HQ beginning Monday.

Gawker Media appears to have locked down access to its blog publishing system, preventing further joke posts, but The Next Web reports that this isn’t over: “We have been told that there are still things to come and that Gnosis aren’t finished yet.”