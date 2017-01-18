Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Dutch Developer Added Backdoor To Websites He Built, Phished Over 20,000 Users (bleepingcomputer.com) 43

Posted by BeauHD from the bolting-to-the-door dept.
An anonymous reader quotes a report from BleepingComputer: A Dutch developer illegally accessed the accounts of over 20,000 users after he allegedly collected their login information via backdoors installed on websites he built. According to an official statement, Dutch police officials are now in the process of notifying these victims about the crook's actions. The hacker, yet to be named by Dutch authorities, was arrested on July 11, 2016, at a hotel in Zwolle, the Netherlands, and police proceeded to raid two houses the crook owned, in Leeuwarden and Sneek. According to Dutch police, the 35-years-old suspect was hired to build e-commerce sites for various companies. After doing his job, the developer also left backdoors in those websites, which he used to install various scripts that allowed him to collect information on the site's users. Police say that it's impossible to determine the full breadth of his hacking campaign, but evidence found on his laptop revealed he gained access to over 20,000 email accounts. Authorities say the hacker used his access to these accounts to read people's private email conversations, access their social media profiles, sign-up for gambling sites with the victim's credentials, and access online shopping sites to make purchases for himself using the victim's funds.

  • I knew it! (Score:1)

    by Anonymous Coward

    There are two kinds of people in this world I hate.

    Those that are intolerant of other people's cultures and the Dutch.

    • There are two kinds of people in this world I hate.

      Those that are intolerant of other people's cultures and the Dutch.

      How about people who don't know what "phishing" means?

      • Re: (Score:2)

        by gnick ( 1211984 )

        Obviously, phishing means hacking and hacking means "stealing with a computer." What other definitions could there possibly be? Duh.

  • Why not name him? (Score:3)

    by haruchai ( 17472 ) on Wednesday January 18, 2017 @08:14AM (#53688535)

    He's been in custody for over 6 months and is not a minor so why keep his name a secret?

    • Re: (Score:1)

      by Anonymous Coward

      The Dutch never reveal the names of the accused, even after they are found guilty after trial, has to do with the privacy laws.

    • Because nobody here can pronounce it.
  • Should have just added a line to the EULA that he would be able to gain access to your account(s) if you register. Nobody reads the EULA, and there'd be no case against him because it would be in the EULA.

    This should also set the precedent that the government can be arrested if they put backdoors into things... of coursehttps://yro.slashdot.org/story/17/01/18/0527225/dutch-developer-added-backdoor-to-websites-he-built-phished-over-20000-users#, that will never happen. Nothing is illegal if the Government
  • He is a Sneak Thief from Sneek.

  • Anyone know how he got the information out of the sites he'd created? How did he 'install some scripts'? And even then, how did he get the data out?

    I realise that if you're hiring someone like this you might not be so-inclined to watch logs and whatnot, but there must be some sort of trail left by his accesses.

