I interviewed Gnosis, they wouldn't go into any specific detail as to how they gained entry.
From what I have found out, it looks like they used a vulnerability found within a three year old Minify script that hadn't been upgraded. This gave them access to other parts of the server:
From what I have found out, it looks like they used a vulnerability found within a three year old Minify script that hadn't been upgraded. This gave them access to other parts of the server:
http://www.thedailybeast.com/blogs-and-stories/2010-12-14/ga...
Don't quote me on that however.