AMD’s official blog has become the latest victim of hackers after a four-man group known as r00tbeer breached the server it was hosted on, defaced the blog and dumped a SQL database with the user credentials of nearly 200 of the company's staff.
The chip-maker shut down its WordPress-powered blog shortly after the attack on Sunday, telling visitors that it was down for routine maintenance and would return as soon as possible. At this time, it’s unknown how the hackers gained access to the CMS platform or what motivated the attack.
A day earlier, r00tbeer teased, “our next target will be a large company. Stay tuned for the upcoming database dump,” leaving many wondering who it would be. The following morning the group answered that question, revealing that it had breached AMD’s blog, and minutes later it posted a link to the database dump in a separate tweet. It appears Mediafire has since removed the linked file.
The 32KB SQL database dump included 189 email addresses, 174 of them belonging to AMD employees and PR representatives of the firm. Other details released by the hackers included the surnames of the account holders and what appear to be PHPass-hashed passwords; a few entries also included an unexplained field, “user_activation_key.”
Despite every breach being serious, security experts from Sophos played down the incident. “All in all, a small deal in the history of security breaches. More of a hackette than a hack, and no AMD customers need to panic, which is good news,” said Paul Ducklin, Sophos head of technology for Asia Pacific.
He continued, “if only we were collectively more conscientious about patching against criminals, and if only those criminals were more likely to be caught! Patch early. Patch often. Keep logs. Report breaches.”
AMD did not respond to requests for further comment regarding r00tbeer’s claims or when the blog is expected to return.