December 13, 2010, 11:41 AM — Hack attacks are on the rise. And even if you're not the immediate target, you could still end up a victim.
Fans of artery-clogging fast food and snarky online gossip learned this the hard way last weekend, thanks to hack attacks that took down McDonald's and Gawker.
If you've signed up for updates from Mayor McCheese or ever waded into the cat fights at Gawker and its subsidiary sites, then hackers now have your email address and your password. Nice, eh?
Over the weekend Gawker got totally pwned by a hacker group calling itself Gnosis. Contrary to some published reports, Gnosis is not affiliated with the Anonymous/4channers who've been DDoSing sites on behalf of WikiLeaks. But it apparently saw them as kindred spirits; so when Gawker writers began chiding the 4channers online, Gnosis decided to wreak revenge.
Among other things, Gnosis completely took over Gawker's content management system and posted bogus stories on the site. They also hacked Gawker's databases; included in the trove were the email addresses and log ons for every Gawker employee, along with those for 1.2 million readers who'd commented on one of Gawker's sites. Gnosis decrypted about 200,000 of the addresses and posted the rest on Torrent sites for anyone to download and decrypt. They also parsed out a select list of government email addresses and passwords, apparently for use in future attacks.