What's new

BBC Server Hacked by Russian


Jul 24, 2013
Reaction score
A Russian hacker breached a computer server at the BBC before Christmas to sell access to other hackers. The BBC’s security team admitted that it managed to secure the website only on the 28th of December, after it had been broken into via a server used to upload large files.

The intruder is known on the Internet as “HASH” or “Rev0lver”. He offered proof that he managed to break in by posting a screenshot of the server and files it contained on an underground forum and was trying to sell access on Christmas.

Security experts said that the hacker did not set a price for access to BBC server, but its value wasn’t the same as that of hacking credit card details. Although the BBC doesn’t store millions of credit cards, they still have something as valuable. Indeed, a person who is able to fabricate a news story could crash financial markets. For instance, when Syrian hackers managed to break into the Associated Press account in 2013 and faked a story about an attack on the White House, the American stock market dropped by 143 points in mere seconds.

Security experts admitted they often see high-profile companies like the BBC getting breached. The giants are targeted more because intruders can easily monetize their gains. In this case, it is unclear whether “HASH” found any buyers or stole any information, but very fact of being able to sell such access can be used as a bargaining chip to get control of other servers.

The attack was carried out against a server which is used for file uploads and downloads from the BBC. Getting access can be only a first step to taking control of a server and using it either to store stolen files and information or to create a command centre for large networks of targeted machined that in turn are used for spam and phishing attacks online. Although the Russian hacker was only offering access to an obscure FTP server, some potential buyers can see it as a way to access other assets within the BBC.

It is known that media companies have been targeted by the Syrian Electronic Army and other hacker activist groups which defaced websites and took over Twitter accounts. A year ago, The New York Times had been repeatedly attacked over 4 months by Chinese hackers who got employees’ passwords. It wasn’t the first attack for BBC either – back in 2012 the company was subjected to a hacker attack, allegedly from Iran, which knocked out its Persian service.
He got access to their FTP...

Top Bottom