Hackers use recycled backdoor to keep a hold on hacked e-commerce server
Enlarge (credit: Jeremy Brooks / Flickr)
Who needs a better mousetrap when the old one is fine?
That was the approach of hackers who recently compromised a server running open source e-commerce platform Magento. To guard against the possibility of being locked out of the server should the rightful operators ever discover the breach, the attackers left behind a simple but effective script.
To the naked eye, the script was easy to miss amid countless other Magento files. Examining the code inside, however, revealed that it was a backdoor that was activated by sending the server a simple and innocuous-looking Web request. With that, an attacker who otherwise might have been booted out of the server could instantly become a server administrator with unfettered control of the system.
Read 8 remaining paragraphs | Comments