Website of Car Maker Citroen Hacked by Miscreants

Softpedia.com reported on 18th March, 2014 stating that the German website of the French car manufacturer Citroen, shop.citroen.de, a site for buying Citroen-themed gifts is the latest one among high-status webshop sites to be hijacked by cybercriminals.

The attackers planted a backdoor Trojan on the website shop.citroen.de allowing them (attackers) to steal any data hosted on the webserver.

The car-maker has noted that information of some of its patrons has been hijacked but they aren't sure as to how many individuals have been affected by the unfortunate breach of security.

Softpedia.com published news on 18th March, 2014 stating that Alex Holden, Chief Information Security Officer of Hold Security has probed the breach and eliminated the backdoor Trojan which reportedly had been there since August last year.

According to Holden, it was certain that actors behind the Citroen site breach were also responsible for breaching other websites like PR Newswire, Adobe, and the National White Collar Crime Center. Brian Krebs, Independent Security Blogger of Krebsonsecurity.com website identified a trove of data been taken by cybercriminals in those attacks in 2013.

The hackers have been scanning Internet to look for weaknesses in a web application platform of Adobe known as ColdFusion.

Theguardian.com published a statement on 17th March, 2014 quoting Holden as saying "The exploitation was targeted across the whole Internet looking solely for ColdFusion exploits."

Citroen was not responsible for running the site and it assigned web design company anyMotion to run its main German website and the affected fan site.

Apparently, anyMotion has shut the backdoor and is currently investigating whether the webserver has been hijacked or not by the notorious miscreants. It still remains unknown as to what kind of data has been embezzled but Citroen has been appealing its German clients to check their bank balances for suspicious transactions as there was an indication that payment data card was snatched by the miscreants.

The company also reset site admin passwords for users and probably the information was also compromised.

The attacks have once again highlighted the necessity of updating vulnerable software since vulnerabilities in ColdFusion have been fixed, experts concluded.

» SPAMfighter News - 3/27/2014