Hackers use recycled backdoor to keep a hold on hacked e-commerce server

Dan Goodin

from Ars Technica - All content on 2020-07-22 10:45 (#560TD)

Enlarge (credit: Jeremy Brooks / Flickr)

Who needs a better mousetrap when the old one is fine?

That was the approach of hackers who recently compromised a server running open source e-commerce platform Magento. To guard against the possibility of being locked out of the server should the rightful operators ever discover the breach, the attackers left behind a simple but effective script.

To the naked eye, the script was easy to miss amid countless other Magento files. Examining the code inside, however, revealed that it was a backdoor that was activated by sending the server a simple and innocuous-looking Web request. With that, an attacker who otherwise might have been booted out of the server could instantly become a server administrator with unfettered control of the system.

Read 8 remaining paragraphs | Comments

index?i=lgOtBl-VjsY:J6P5NmD8-yU:V_sGLiPB

index?i=lgOtBl-VjsY:J6P5NmD8-yU:F7zBnMyn

Source	RSS or Atom Feed
Feed Location	http://feeds.arstechnica.com/arstechnica/index
Feed Title	Ars Technica - All content
Feed Link	https://arstechnica.com/