October 21, 2014

AMD and Philips hacked by r00tbeer

(LiveHacking.Com) – A hacking group known as r00tbeer has claimed to have hacked AMD’s blog and broken into several small sites belonging to Philips. The hackers, whose Twitter account was only created a few days ago, tweeted:

#AMD – R.I.P http://blogs.amd.com , database will be released in few minutes. #r00tbeersec

And then the next day tweeted:

http://www.philips.com  Database dumps – http://www.mediafire.com/?********** … includes 197,000+ emails. RT/Share. #r00tbeersec

During the AMD hack, the hacking group defaced the website and stole a database. AMD has since taken its blog down, replacing it with a message stating that it is undergoing “routine maintenance”.

It is believed that AMD was using WordPress to host its blogs and although the WordPress user database was stolen and subsequently leaked onto the Internet, the passwords in the database should be hard to crack as WordPress uses the strong password hashing framework phpass.

As for the attack on Philips, the gang stolen a few small SQL databases from the  Dutch technology giant and leaked them in full online. Included in the online dump was nearly 200,000 email addresses which will no doubt be used for sending spam!

It does appear that Philips have been a little careless with regards to security as some of the databases dumped contained passwords using simple MD5 hashing and no salting. One database even used plain text to store the passwords.