A former medium-level administrator at HostGator has been arrested and charged with planting a backdoor that gave him unfettered access to over 2700 servers.

The description of the attack provided by ArsTechnica seems to indicate that he also stole an SSH private key from HostGator and used it to gain access (or could have used it to gain access) to the 2700 servers. HostGator insists that customer data was not compromised in the incident.

While it can sometimes be necessary to have access to servers, the description of this backdoor (disguising a remote access process) is highly unusual and suspect.

Related Links:

• ArsTechnica: Former Hostgator employee arrested, charged with rooting 2,700 servers