Victor Gevers, cyber security specialist from the Netherland, found a backdoor that gives access to servers of thousands of Russian companies. In total a vulnerability is detected in more than two thousand of data bases. It’s interesting that to access the backdoor the account admin@kremlin.ru is used in MonhoDB data bases.
Mr. Gevers told ZDNet that the first time he saw the dangerous account on the website "Stoloto", the Russian state lottery. After that he started to look for admin@kremlin.ru in other public bases and he succeed. In all cases the account required the remote access to information and used the same account data.
All mentioned data bases were in shared access with default settings. So anyone could receive the information. Through that backdoor it was possible to get access to servers of not only Russian companies but also Russian branches of foreign corporations, including, for example, Russian division of Disney. Some vulnerable bases belonged to local banks, finance institutions and big Russian telecom companies.
Also admin@kremlin.ru was found in the data base of The Ministry of Internal Affairs of Ukraine. The base is used to maintain the register of pre-court investigations that the Prosecutor General Office of Ukraine undertakes against corrupt politicians. Mr. Gevers didn’t delve deeply into the company server logs because it would be beyond the security research. That’s why the specialist can’t say what the back door was designed for. However the vulnerability could be used to steal or adjust the corporate information.