1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Ex Hostgator employee charged with installing backdoor on 2700 servers

Discussion in 'BlackHat Lounge' started by 357Smith, Apr 24, 2013.

  1. 357Smith

    357Smith Junior Member

    Joined:
    Jul 13, 2012
    Messages:
    179
    Likes Received:
    400
    A former employee of web hosting provider HostGator has been arrested and charged with installing a backdoor giving him control to more than 2,700 servers, according to a report Friday by Ars Technica.

    Eric Gunnar Gisse, 29, of San Antonio, Texas, worked as a medium-level administrator from September 2011 until he was terminated on February 15, 2012, according to the report. A day after his dismissal, HostGator noticed a backdoor application that allowed Gisse to log in to servers from remote locations.
    Gisse obtained a HostGator digital SSH key and transferred it to computers under his control, and tried to disguise his malware as a widely used Unix administration tool to prevent his boss from discovering the backdoor process.

    HostGator COO Patrick Pelanne tells Ars that there is no evidence he used the private customer data he was able to see through the root access because HostGator ?caught it well before he any chance to do any of that.?While Gisse is scheduled to be arraigned in May, and is innocent until proven guilty, it does show that even mid-level employees can pose a threat to sensitive information, particularly when it comes to web hosting. Having access to 2,700 servers could mean Gisse had access to potentially thousands of customers? information.

    He is being held at the Harris County Jail on $20,000 bond.

    Two years ago, also in San Antonio, a former Rackspace employee was sentenced to two years of probation after pleading guilty to two counts of wire fraud, admitting that he submitted fake service orders with the intent of earning higher commissions.*

    In 2011, Go Daddy was hit by a lawsuit from a customer that accused the web host of being negligent when it handed over domains belonging to his business to a former business partner, locking him out of his account.

    http://www.thewhir.com/web-hosting-...rged-with-installing-backdoor-on-2700-servers
     
  2. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,774
    Likes Received:
    6,307
    Home Page:
    Lol. Wonder what he was planning to do with access to all those servers. Bitcoin mining? :)
     
    • Thanks Thanks x 1
  3. kuzmanin

    kuzmanin Regular Member

    Joined:
    Jul 17, 2010
    Messages:
    386
    Likes Received:
    45
    Haha
    Seems like host gator security is not so good
     
  4. omnipotent$

    omnipotent$ Regular Member

    Joined:
    Mar 23, 2013
    Messages:
    493
    Likes Received:
    288
    Some people will never learn. Tsk, tsk...
     
  5. seoguy99

    seoguy99 Jr. VIP Jr. VIP

    Joined:
    Nov 6, 2010
    Messages:
    2,299
    Likes Received:
    513
    Occupation:
    SEO
    Home Page:
    Every company is made of HUMAN. Be it hostgator or google or whichever company.
    Issues arise everywhere... Undoubtly hg is the best.....
     
  6. Panther28

    Panther28 Elite Member

    Joined:
    May 2, 2010
    Messages:
    2,268
    Likes Received:
    3,405
    Occupation:
    Internet.
    Location:
    Internet.
    Feed him to the company crocodile
     
    • Thanks Thanks x 2
  7. Known

    Known Regular Member

    Joined:
    Jan 27, 2013
    Messages:
    266
    Likes Received:
    187
    Occupation:
    IM
    Location:
    OH CANADA!!!!
    Can't even imagine how much of the internet would be down if all those servers went away :p HG is known for their over-filled servers.
     
  8. srinu0812

    srinu0812 Supreme Member

    Joined:
    Nov 1, 2012
    Messages:
    1,311
    Likes Received:
    755
    Hahahaha. You meant this ? hostgator-coupons.gif
     
    • Thanks Thanks x 1
  9. Ptrick125

    Ptrick125 Regular Member

    Joined:
    Mar 4, 2013
    Messages:
    428
    Likes Received:
    113
    Occupation:
    Going To School
    Location:
    Near Austin, Texas
    Home Page:
    Don't server companies have precautions to prevent stuff like this from happening in the first place?
     
  10. Jonny Quick

    Jonny Quick BANNED BANNED

    Joined:
    Aug 26, 2010
    Messages:
    231
    Likes Received:
    340
    I don't even know why this is news. Of COURSE "mid-level employees" pose a security risk.

    Just ask Bradley Manning how "important" you have to be in order to gain access to critical and sensitive information.

    http://en.wikipedia.org/wiki/Bradley_Manning
     
    • Thanks Thanks x 2
  11. Black.Star

    Black.Star Junior Member

    Joined:
    Oct 4, 2011
    Messages:
    185
    Likes Received:
    1,028
    Occupation:
    IT security specialist
    Location:
    Europe
    For attackers from the outside, yes.
    The game changes when you are considered a "trusted person" (employee, friend, authority person etc.)
    Social engineering mate.