Reply to post:

OnePlus minus 40,000 credit cards: Smartmobe store hacked to siphon payment info to crooks

Anonymous Coward
Anonymous Coward

> I would spend 30 minutes writing a Nagios script to verify the web content on the remote server periodically (every 24-hours)

(Static) web content isn't the issue.

There was almost certainly something generating dynamic pages on the backend (PHP, JBoss/Struts, maybe some web framework), and it wasn't being patched regularly. Or else the application code itself was written insecurely. Either way, the attacker exploited some vulnerability to add additional code that did the dirty. It could, for example, have installed a cron job which sent out the credit card details periodically.

Protecting the *whole* system with something like tripwire might have alerted them sooner though.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019