Ex-Hostgator employee allegedly installed backdoor on 2,700 servers

By on April 22, 2013, 11:31 AM

A former Hostgator employee has been charged with felony breach of computer security for allegedly installing a backdoor that granted nearly unimpeded access to more than 2,700 servers owned and operated by the popular web hosting company.

Prosecutors say 29-year-old Eric Gunnar Gisse, of San Antonio, Texas, worked at the hosting firm from September 2011 through February 15, 2012 as a medium-level administrator. The day after his departure, Hostgator discovered a backdoor application that let Gisse log into servers remotely.

The hack was possible due to the fact that Gisse was able to obtain a Hostgator digital SSH key which he was then able to transfer to other systems.

Officials with the hosting company say he went to great lengths to keep the backdoor under wraps, disguising it as a common Unix admin tool. Houston Police Department investigator Gordon M. Garrett said in an affidavit that the process was named ‘pcre’ which is a common system file. The file was ultimately discovered on 2,723 Hostgator servers, the affidavit notes.

Although officials seem confident that Gisse is responsible for the hack, there’s no evidence that he ever used it to gain unauthorized access remotely. Hostgator COO Patrick Pelanne said the company caught it well before he had a chance to access customer content with it.

Court documents show that Gisse is scheduled to be arraigned next month although it’s unclear if he has entered a plea. The district attorney’s office said he is being held on $20,000 bond at the Harris County Jail.

User Comments: 6

Got something to say? Post a comment
Guest said:

Was he accessing it from home or something? I wonder if he were using a proxy, or VPN or something... would he still have gotten caught?

howzz1854 said:

Great... I have my server with gator.. $20,000? that's it?

j05hh j05hh said:

Customer lawsuit? ?

Trillionsin Trillionsin said:

I dont even believe this. I think they just needed someone to pin it on.... and since he left at just the right time, or WRONG time, they found it would be easy to pin it on this unluckly guy.

Guest said:

Score one for Businesses against disgruntled employees!

Zeromus said:

Off with his head! Nah just kidding, but seriously, that's not cool.

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.