CDROM-Guide forums

Go Back   CDROM-Guide forums > Main Forums > Open to All Computer Related Topics > Computer Networking & Security
FAQ Calendar Mark Forums Read
Open   CSec   Data   DevDrv   CoOp   Audio   CDRW   CDG   VCD   DVD   HD DVD   Mac   VGB   PS2   DC   Xbox  

Thread Tools Display Modes
Old Jan 14, 2002, 05:32 PM
Paul_H Paul_H is offline
Join Date: Apr 2000
Posts: 1,462
Default E-commerce problems

sponsored links

A company that processes credit card transactions for websites confirmed on Thursday that customer Web server computers have been hacked and could be used in a massive Internet attack on other computers.

CCBill of Tempe, Arizona, issued a statement to all its customers warning them of the security breach. In an email, the company urged its customers to change their server passwords and search their systems for stealth software called a "bot" that could be hidden in the system.

The bot, dubbed "eggdrop," is designed to listen for instructions via an Instant Relay Chat channel, said Dayne Jordan, co-owner of CompleteWeb, a Columbus, Ohio-based Internet service provider.

Once activated, bots can swing into action, turning hacked Web servers into unwitting drones that could be used to take down major websites.

On Thursday afternoon there were about 1,200 bots in the IRC channel, Jordan said, despite claims of CCBill that only a "minimal percentage" of its customers had been hacked.

"The bots are sitting there and waiting," he added. "If someone comes into the channel and executes the right command, these machines could be used to launch a huge distributed denial-of-service attack."

In a denial-of-service attack, multiple servers are remotely commanded to flood a particular website with so much traffic that it is rendered inaccessible to legitimate Internet traffic. Such a concerted attack from numerous drone computers shut down a handful of sites, including Yahoo! and eBay, in February 1999.

Alan Paller, research director of the System Networking, Administration, and Security Institute, called the hack a "really bad infestation."

In addition to the bots that could be used to turn the Web servers into zombies, administrative user names and passwords of CCBill's clients, as well as user names and passwords of those clients' customers, have possibly been exposed, according to Jordan.

Jordan said he informed CCBill of the problem Monday night after receiving a tip from someone else. Nearly 20 of his own customers had been hacked, all of them CCBill customers, he said.

Tom Fisher, general manager of CCBill, downplayed the problem and declined to release much information.

"We've rectified the problem both at our end and the end of our customers," Fisher said. The company has "thousands" of customers, he said, declining to give a total number or say how many were affected by the hack.

Fisher said CCBill has not contacted the FBI because "it's not that big of an issue."

In its email to customers, CCBill said it had corrected the source of the problem and was working to discover who was behind the hack.

"No other systems at CCBill were affected and only hosting passwords need to be changed," the company's

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Big Problems (experts only) [; ; win2KPro] 420 Windows 2000 4 Feb 19, 2003 01:28 AM
PS2 / Some Standalone DVD Player / Playback Problems WildNeg DVD 3 Feb 07, 2003 07:00 AM
Serious Boot Problems ?? Bios?? mrmetz Open to All Computer Related Topics 3 Oct 28, 2002 05:33 AM
sound and video problems Smooth Open to All Computer Related Topics 5 Sep 01, 2002 10:11 PM
Some Soloutions To Gta3 Problems Brandono Legacy Game Backup 4 Jul 01, 2002 12:02 PM

All times are GMT -5. The time now is 11:29 AM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Copyright 1996-2009 All rights reserved