No Salvation No Forgiveness

DivX's video stream/download service, Stage6, was hacked this Saturday (9 Feb 2008.)

The hack on the website claimed to be by eBaums's World but the speculation is that the actual perpetrator was 4chan. The hack lasted for around 3 hours, until the whole site was taken down by the stage6 staff.

Screenshot of the site during the hack:
http://img509.imageshack.us/img509/7513/lolwutzs8.jpg

During the time the hack lasted, users reported to being redirected to their homepages and to other sites such as <DISTURBING IMAGE IN LINK> Goatse and <ADULT CONTENT> 2girls1cup.

IMPORTANT:

It is still unknown if the attackers obtained the passwords of all the accounts on Stage6 or just a part that was obtained in the last two months, since it is still unclear if the attack was first executed with a phishing technique that let the hackers obtain passwords with a fake login screen that later led to the acquisition of an administrator's password or if the user database was hacked directly. Either way, if you have an account with stage6 and used the same password for other accounts, you HAVE to change it immediately and verify that your paypal or credit card has not been misused. (Click here for info on password security)

A list of the stolen passwords was uploaded, you can download it...
here:
http://rapidshare.com/files/90640033/a1e2.7z.html
here:
http://www.mediafire.com/?djz1ymj9t1y
here:
http://depositfiles.com/files/3470477
here:
http://www.megaupload.com/?d=V2S340B3
and here:
http://d01.megashares.com/?d01=d80d4b0

If you find your account in this list and your pass is the same as the one for your email, I'm sorry but there is a high probability that your accounts (paypal, ebay, credit card information, adult website passes, software serial numbers or any other account in the same vein or any other kind of sensible data) has already been raided and if not, create a new password using the guidelines from the link, above given, and change it ASAP. Again, don't feel safe if your account is not on the list, since is reasonable to think the attackers saved accounts for themselves only and for possible buyers.

It is also possible that the attackers tried to infect people that were trying to install the divx plugin with W32/Agent.ECBJ and of course, the always plausible idea that the whole thing was paid by the MPAA/RIAA since we know they like to play dirty.

About the hackers, I think is really stupid to disrupt one of the best sites on the net.


UPDATE:
Checked www.stage6.com 7am CST, and the site is up again.

UPDATE 2:
Seems there is confirmation that a bigger list exist.


Disclaimer: The links to the list are provided "as is." I take no responsibility whatsoever as of how the list will be used and the list is linked only to help stage6 users find out if they have been affected. pass: 43045