Slashdot Mirror


Dutch Developer Added Backdoor To Websites He Built, Phished Over 20,000 Users (bleepingcomputer.com)

An anonymous reader quotes a report from BleepingComputer: A Dutch developer illegally accessed the accounts of over 20,000 users after he allegedly collected their login information via backdoors installed on websites he built. According to an official statement, Dutch police officials are now in the process of notifying these victims about the crook's actions. The hacker, yet to be named by Dutch authorities, was arrested on July 11, 2016, at a hotel in Zwolle, the Netherlands, and police proceeded to raid two houses the crook owned, in Leeuwarden and Sneek. According to Dutch police, the 35-years-old suspect was hired to build e-commerce sites for various companies. After doing his job, the developer also left backdoors in those websites, which he used to install various scripts that allowed him to collect information on the site's users. Police say that it's impossible to determine the full breadth of his hacking campaign, but evidence found on his laptop revealed he gained access to over 20,000 email accounts. Authorities say the hacker used his access to these accounts to read people's private email conversations, access their social media profiles, sign-up for gambling sites with the victim's credentials, and access online shopping sites to make purchases for himself using the victim's funds.

1 of 123 comments (clear)

  1. Re:Why not name him? by Zontar_Thing_From_Ve · · Score: -1, Flamebait

    He's been in custody for over 6 months and is not a minor so why keep his name a secret?

    This is the EU. He was arrested 6 months ago, but he may not actually be being held. I have no idea. Remember, in the EU (OK, the UK and maybe France are exceptions) the emphasis will be on figuring out why society failed him so that he turned to crime, not about making the point that what he did was a bad thing. I'll predict he'll at most get 2 years in the cushiest jail they can find and I wouldn't be surprised at all if he pays no fine and they don't even take his ill gotten gains from him. After all, he might feel bad if he was actually punished for his crime. Once he gets out of jail he can apply for the crime to be legally "forgotten" so he can work in the IT industry again and maybe do the same thing all over again. Publishing his name might make him feel bad. Can't do that.

    Keep in mind that in most or all of the EU criminals have the right for nobody to ever find out that they were criminals but you can be jailed for years for saying certain things. No for doing things. Merely for saying things. Things that don't threaten anybody's safety or well being. Yep, those guys really have a good sense of justice and what's important over there.