Categories: Science & Technology

Heartbleed bug turned cyber criminals from attackers into victims

The Heartbleed bug has turned cyber criminals from attackers into victims as researchers use it to grab material from chatrooms where they trade data.

Discovered in early April, Heartbleed lets attackers steal data from computers using vulnerable versions of some widely used security programs.

Now it has given anti-malware researchers access to forums that would otherwise be very hard to penetrate.

The news comes as others warn that the bug will be a threat for many years.

The Heartbleed vulnerability was found in software, called Open SSL, which is supposed to make it much harder to steal data. Instead, exploiting the bug makes a server hand over small chunks of the data it has just handled – in many cases login details or other sensitive information.

The Heartbleed bug has turned cyber criminals from attackers into victims as researchers use it to grab material from chatrooms where they trade data

French anti-malware researcher Steven K said: “The potential of this vulnerability affecting black-hat services (where hackers use their skills for criminal ends) is just enormous.”

Heartbleed had put many such forums in a “critical” position, he said, leaving them vulnerable to attack using tools that exploit the bug.

Steven K said he was using specially written tools to target some closed forums called Darkode and Damagelab.

“Darkode was vulnerable, and this forum is a really hard target,” he said.

“Not many people have the ability to monitor this forum, but Heartbleed exposed everything.”

Charlie Svensson, a computer security researcher at Sentor, which tests company’s security systems, said: “This work just goes to show how serious Heartbleed is. You can get the keys to the kingdom, all thanks to a nice little heartbeat query.”

Individuals who repeat the work of security researchers such as Steven K could leave themselves open to criminal charges for malicious hacking.

The widespread publicity about Heartbleed had led operators of many websites to update vulnerable software and urge users to change passwords.

Many so-called smart devices, such as home routers, CCTV cameras, baby monitors and home-management gadgets that control heating and power, were now known to be vulnerable to Heartbleed-based attacks.

A survey by tech news site Wired found that smart thermostats, cloud-based data services, printers, firewalls and video-conferencing systems were all vulnerable.

Other reports suggest the makers of some industrial control systems are also now producing patches for their software to limit the potential for attack.

D81LlkkunV4
Nancy Clayson

Nancy is a young, full of life lady who joined the team shortly after the BelleNews site started to run. She is focused on bringing up to light all the latest news from the technology industry. In her opinion the hi-tech expresses the humanity intellectual level. Nancy is an active person; she enjoys sports and delights herself in doing gardening in her spare time, as well as reading, always searching for new topics for her articles.

Recent Posts

Quincy Jones Dead at 91

Quincy Jones, the celebrated musician and producer who worked with Michael Jackson, Frank Sinatra, Ray…

5 hours ago

White House 2024: Voter Fraud Claims Flood Social Media

Misleading allegations, rumours and outright lies about voting and fraud are flooding online spaces in…

2 days ago

Spain: At Least 158 Killed In The Country’s Worst Flooding Disaster

At least 158 people have died in Spain's worst flooding disaster in generations. On October…

4 days ago

Russia Fines Google $20,000,000,000,000,000,000,000,000,000,000,000, Surpassing Global GDP

Google has been fined two undecillion (a two followed by 36 zeroes) roubles by a…

4 days ago

Financing Your Home Remodel: 7 Tips for Success

Embarking on a home remodel is an exciting journey, promising enhanced comfort, increased property value,…

2 weeks ago

Donald Trump Serves Up McDonald’s Fries While Kamala Harris Celebrates 60th Birthday with Church Choir

The US presidential candidates continued to campaign across key swing states on October 20. Footage…

2 weeks ago