Free Site Registration

More Debits & Credits Posts

Accounting Software Vulnerable to Hackers

By Michael Cohn
December 7, 2012

Security researchers recently demonstrated a new way that accounting software could be hacked, allowing unauthorized payments to be sent to cybercriminals.

The security site Dark Reading reported Wednesday on proof-of-concept code that was unveiled by researchers at the firm SecureState at a conference in Abu Dhabi. They showed how hackers could create a backdoor in Microsoft Dynamics GP, formerly known as Great Plains Dynamics, but pointed out that similar techniques could be employed with other accounting packages, such as MAS 90, Peachtree, Oracle and SAP.

They created a script that is able to make remote SQL database queries and commit financial fraud using a technique they refer to as “injection and hooking.” Unlike earlier hacking techniques, they would not need to install a piece of Trojan malware in the system that might be detected by antivirus software.

While the Mayhem script was just a proof of concept by researchers whose goal is to make accounting software more secure, it would not be surprising if the same technique were employed by the very hackers they hope to outwit.


Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Debits & Credits, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Follow Accounting Today


Trends in the Accounting Profession

April 18, 2014

Jim Metzler, former AICPA vice president of small firm interests, and founder of Metzler Advisory Group, talks about how the CPA profession is changing.

Lessons in M&A: Client and Staff Retention

April 14, 2014

Transition Advisors president Joel Sinkin talks about what firms should do after a merger to retain their clients and staff members.

Are You Missing These Growth Opportunities?

April 2, 2014

Gale Crosley of Crosley + Company discusses the practice areas and international opportunities that firms often overlook in trying to grow.



Dumbest Employee Excuses for Being Late

March 31, 2014

Running a little late could have big repercussions, especially at a firm in the midst of busy season. From escaped zebras to must-see TV, employers told CareerBuilder some of the most memorable excuses they've heard from tardy employees.

Common Taxpayer Misconceptions

March 19, 2014

The NAEA’s collection of ridiculous things tax clients believe.

The 10 Fastest-Growing Firms in the U.S.

March 10, 2014

The firms with the highest 2013 revenue growth in our Top 100 Firms/Regional Leaders list.

Top 10 Tech Trends for 2014

March 3, 2014

As companies gain more affordable access to new technology and platforms, they also seek to make smarter investments.

Strangest Tax Deductions

January 31, 2014

The Minnesota Society of CPAs recently conducted its annual survey about the most strange and unusual tax deductions proposed by clients.