Tuesday, October 11, 2011

Password stealing via FTP at Hetzner

Gradually, the details of the cyber-intrusion at the web host Hetzner
are coming to light: in an interview with Netzwelt.de, media
entrepreneur Tobias Huch explains that he was behind the break-in. He
claimed that, after a tip, he was able to work his way up the directory
structure via FTP using a normal customer account and so reach critical
areas of the server.

In this way he claims to have obtained the root password to the server
and to other server management systems. This, he says, eventually gave
him access "to all real systems". He then made an editor of the Mirror
familiar with the matter, so that the editor would get in touch with
Hetzner. For demonstration purposes, he says he provided the editor
with, "among other things, a password of Martin Hetzner personally".

When contacted by heise Security, manager Martin Hetzner confirmed that
the Mirror had drawn attention to the security problem last Wednesday.
The information provided by Huch so far is not sufficient to trace the
intruder's steps without gaps. Huch was "not as knowledgable as desired"
and has supplied the company with "little or nothing" in the way of
information. Hetzner could, however, establish beyond doubt from a
database extract that the internal database had been accessed. The
point in time at which Huch got in touch with Hetzner also caused
irritation.

While Huch said in the interview that the "worst gaps" were closed
"directly" after the Mirror made contact, he told Hetzner that he
already had access to the password last year and that the gap was
closed by Hetzner earlier this year, probably unwittingly. Since
Hetzner does not yet know the exact cause of the problem, the company
is working with an external service provider to clear up the matter.
According to Hetzner, there is as yet no evidence that the
vulnerability has been misused for criminal purposes.
