Categories: Science & Technology

Heartbleed bug turned cyber criminals from attackers into victims

The Heartbleed bug has turned cyber criminals from attackers into victims as researchers use it to grab material from chatrooms where they trade data.

Discovered in early April, Heartbleed lets attackers steal data from computers using vulnerable versions of some widely used security programs.

Now it has given anti-malware researchers access to forums that would otherwise be very hard to penetrate.

The news comes as others warn that the bug will be a threat for many years.

The Heartbleed vulnerability was found in software, called Open SSL, which is supposed to make it much harder to steal data. Instead, exploiting the bug makes a server hand over small chunks of the data it has just handled – in many cases login details or other sensitive information.

The Heartbleed bug has turned cyber criminals from attackers into victims as researchers use it to grab material from chatrooms where they trade data

French anti-malware researcher Steven K said: “The potential of this vulnerability affecting black-hat services (where hackers use their skills for criminal ends) is just enormous.”

Heartbleed had put many such forums in a “critical” position, he said, leaving them vulnerable to attack using tools that exploit the bug.

Steven K said he was using specially written tools to target some closed forums called Darkode and Damagelab.

“Darkode was vulnerable, and this forum is a really hard target,” he said.

“Not many people have the ability to monitor this forum, but Heartbleed exposed everything.”

Charlie Svensson, a computer security researcher at Sentor, which tests company’s security systems, said: “This work just goes to show how serious Heartbleed is. You can get the keys to the kingdom, all thanks to a nice little heartbeat query.”

Individuals who repeat the work of security researchers such as Steven K could leave themselves open to criminal charges for malicious hacking.

The widespread publicity about Heartbleed had led operators of many websites to update vulnerable software and urge users to change passwords.

Many so-called smart devices, such as home routers, CCTV cameras, baby monitors and home-management gadgets that control heating and power, were now known to be vulnerable to Heartbleed-based attacks.

A survey by tech news site Wired found that smart thermostats, cloud-based data services, printers, firewalls and video-conferencing systems were all vulnerable.

Other reports suggest the makers of some industrial control systems are also now producing patches for their software to limit the potential for attack.

D81LlkkunV4
Nancy Clayson

Nancy is a young, full of life lady who joined the team shortly after the BelleNews site started to run. She is focused on bringing up to light all the latest news from the technology industry. In her opinion the hi-tech expresses the humanity intellectual level. Nancy is an active person; she enjoys sports and delights herself in doing gardening in her spare time, as well as reading, always searching for new topics for her articles.

Recent Posts

Donald Trump and Elon Musk Celebrate Election Victory at UFC 309

Image source: Wikimedia Commons President-elect Donald Trump celebrated his election victory at the Ultimate Fighting…

5 days ago

White House 2024: Donald Trump Wins, Kamala Harris Calls Him to Concede Election

Millions of voters across the US chose to return Donald Trump to the White House…

2 weeks ago

Who Won? Donald Trump Declares Victory as He Addresses Jubilant Supporters in Florida

Donald Trump declares victory in the US election as he addresses jubilant supporters in Florida.…

2 weeks ago

Stocks Soaring as Donald Trump Closes in on US Victory

Stocks around the world are rising as Donald Trump appears to be on the cusp…

2 weeks ago

Who Won? Kamala Harris Cancels Election Night Party as Path to Victory Narrows

Donald Trump has won Pennsylvania, North Carolina and Georgia and taken a lead over Kamala…

2 weeks ago

Quincy Jones Dead at 91

Quincy Jones, the celebrated musician and producer who worked with Michael Jackson, Frank Sinatra, Ray…

2 weeks ago