Update :
The latest tweet from the hacker shows he compromised the database containing username and password details belong to these websites "The database of #MileyCyrus, #SelenaGomez......etc with 2,5 million users and pass is for sell, anyone interested email me at my mail"
Exclusive Information:
The hacker told E Hacking News that he found multiple vulnerabilities in the Groundctrl website and gained access to the database server.
He also gained access to the CMS panel which manages the celebrities' websites.
Original Article:
A hacker going by online handle "Ethical Spectrum" has hacked into websites belong to several celebrities and defaced the sites.
The affected websites include Miley Cyrus official site(mileycyrus.com), Selena Gomez(selenagomez.com), Taylor Swift site(taylorswift.com), Britney Spears site(britneyspears.com).
We are able to confirm that these are official websites of the celebrities, as it is being linked from their twitter account.
According to hackers twitter account(@Eth_Spectrum), he hacked into the above mentioned websites on March 8th. The website was restored after the breach. However, hacker mentioned he once again managed to deface them. ]
Other websites attacked by the hacker are Ground Ctrl(groundctrl.com), mypinkfriday.com, Chelsea Handler site (chelseahandler.com), Aaron Lewis(aaronlewismusic.com/), therealcocojones.com, christinagrimmieofficial.com, Kacey Musgraves(kaceymusgraves.com).
The defacement just reads "Why i hacked this site, you can ask this person greg.patterson@groundctrl.com".
Greg Patterson is the co-founder of the Groundctrl, an organization that build websites for artists. It appears the security breach started from Groundctrl.
Other affected sites:
http://www.zone-h.org/archive/notifier=Ethical%20Spectrum
All of the affected websites are currently showing the maintenance error message except groundctrl official website.
Hacker didn't provide much information about the breach, so we are not sure how exactly he hacked into all of these websites, whether he found a zero-day exploit on the cms developed by groundctrl or all of the affected sites managed in a central place.
The latest tweet from the hacker shows he compromised the database containing username and password details belong to these websites "The database of #MileyCyrus, #SelenaGomez......etc with 2,5 million users and pass is for sell, anyone interested email me at my mail"
Exclusive Information:
The hacker told E Hacking News that he found multiple vulnerabilities in the Groundctrl website and gained access to the database server.
He also gained access to the CMS panel which manages the celebrities' websites.
 |
| GroundCtrl CMS Panel |
Original Article:
The affected websites include Miley Cyrus official site(mileycyrus.com), Selena Gomez(selenagomez.com), Taylor Swift site(taylorswift.com), Britney Spears site(britneyspears.com).
We are able to confirm that these are official websites of the celebrities, as it is being linked from their twitter account.
According to hackers twitter account(@Eth_Spectrum), he hacked into the above mentioned websites on March 8th. The website was restored after the breach. However, hacker mentioned he once again managed to deface them. ]
Other websites attacked by the hacker are Ground Ctrl(groundctrl.com), mypinkfriday.com, Chelsea Handler site (chelseahandler.com), Aaron Lewis(aaronlewismusic.com/), therealcocojones.com, christinagrimmieofficial.com, Kacey Musgraves(kaceymusgraves.com).
The defacement just reads "Why i hacked this site, you can ask this person greg.patterson@groundctrl.com".
Greg Patterson is the co-founder of the Groundctrl, an organization that build websites for artists. It appears the security breach started from Groundctrl.
Other affected sites:
- Pat Green(patgreen.com),
- Rob Thomas(robthomasmusic.com),
- Rock Mafia(rockmafia.com ),
- ritawilson.com ,
- sum41.com
- nickcarter.net
- jordanknight.com
http://www.zone-h.org/archive/notifier=Ethical%20Spectrum
All of the affected websites are currently showing the maintenance error message except groundctrl official website.
Hacker didn't provide much information about the breach, so we are not sure how exactly he hacked into all of these websites, whether he found a zero-day exploit on the cms developed by groundctrl or all of the affected sites managed in a central place.
