Dutch Developer built backdoor entry into the websites he built, stole 20000 passwords

A Dutch Developer illegally built backdoor entry into the websites he built, accessing login information of 20,000 email users. Apparently, the unnamed 35-year-old Web Developer was caught last year on July 11, 2016, by the police at a hotel in Zwolle, Netherlands. The Police raided the Developer’s two houses, located in Leeuwarden and Sneek.

Dutch Developer

The Police are currently in the process of notifying the victims whose credential were stolen on changing their usernames and passwords.

Web Developer built backdoor entry into websites

As per the cops, the Dutch developer specializes in building E-commerce websites and developed many for various companies. Allegedly he built backdoor entries while working on those E-commerce websites with malicious intentions of exploiting them for personal gains.  He wrote several scripts that allowed him to sniff information about site’s users.

The police said,

“Various companies used him to build sites with web shop functionality. The man was able to capture usernames and passwords by installing a special script. He then used those credentials to break into email and social media accounts of customers of those shops.”

Using the unauthorized access, the developer used to read private email conversations, access user’ social media accounts, sign-up for gambling sites with the victim’s credentials, and shop online using the victim’s funds.

The Police received first clues on the Rogue Developer’s action in November 2014, when a user complained about finding purchases made on his behalf by someone else. During the investigation, the Police found that the stolen credentials were abused to open fake accounts, trap family members to transfer money and make online purchases. Some of his identity abuses are even impossible to trace.

Cyber criminals may exploit Dutch Developer arrest

The developers’ arrest certainly does not mean the end of this Cybercrime Act, as the Police suspect that the other Cybercriminals may use this as an opportunity to trick Dutch users with bogus police warnings containing a malicious download.

The Police has warned users to not open emails from untrusted resources as he Police’s communications will never contain any download links or attachments.

Posted by with Tags
Ankit Gupta is a writer by profession and has more than 7 years of global writing experience on technology and other areas. He follows technological developments and likes to write about Windows & IT security. He has a deep liking for wild life and has written a book on Top Tiger Parks of India.


  1. Ian Crick

    It would be nice for people to see a list of every website he has worked on and if the site has been re-created by someone else. I am very careful which sites I use and nearly all the sites I use, are well established, but you never know who could have worked on them, like this developer. Seeing a list of sites they have worked on, could put lots of peoples minds at rest. This is one person creating backdoors into either websites or apps and I really hope these people are fully dealt with by the law and it will hopefully teach them a lesson and others might also realise just what happens when they get caught. A slap on the wrist is no longer any good and more severe action needs taking. These people should then be banned from every working with websites again.

  2. I agree. I am sure that all the individual website owners must have been informed but that list should be made public too.

  3. ijstaartindeoven

    offtopic: When I click on the link after RECOMMENDED, it gets blocked by Malwarebytes.

  4. Caleb

    Malwarebytes likes to block everything these days. It removed some of my programs so I moved to Emsisoft.

  5. MmeMoxie - √ Cert. Deplorable

    Just my thinking – Since, this developer is still being investigated putting out a list could start having cyber criminals to start using them. When the investigation is done then the list should be published. Not only should this developer not be allowed to every use a computer again he deserves jail time. 20,000 passwords and emails is a lot. It is highly possible he phished some of them and got passwords to financial or sensitive accounts. There are too many people who use their computers and don’t have a clue what to really do. This is why Phishing is still being used.

Leave a Reply

Your email address will not be published. Required fields are marked *

5 + 2 =