New victims inducted into botnet preying on websites running ColdFusion

Investigators have identified more victims of a botnet that collects payment card data and other sensitive information by preying on websites running poorly secured installations of Adobe's ColdFusion Web server platform.

Car manufacturer Citroën and e-commerce sites and were named in two media reports published Monday, one by The Guardian and the other by KrebsOnSecurity. The reports highlight the harm that can continue to occur as a result of vulnerabilities even months after they're patched by Adobe and other developers. A separate article by reporter Brian Krebs published last week revealed jam and jelly maker Smuckers and credit card processor SecurePay were also hit by similar attacks. Krebs said several unidentified sites were affected as well.

The reports come five months after federal prosecutors charged a 28-year-old UK man of hacking thousands of computer systems, many of them belonging to the US government. The man stole massive quantities of data that resulted in millions of dollars in damages to victims, and many of those breaches were the result of hacks that exploited ColdFusion. Similar attacks were reported 11 months ago, including one that hijacked a server hosting provider and exposed sensitive customer data. Complicating matters was the October discovery of server hosting ColdFusion source code. The server was operated by criminals who obtained the code after breaching Adobe's corporate network, Krebs reported at the time.

Read 4 remaining paragraphs | Comments