There is no end to what's been revealed while DefCon and
Black Hat Hacking Conferences are going on in Las Vegas, Nevada.
I recently learned that almost 90% of all Google Android
smartphones can be remotely controlled via the StageFright vulnerability. This
was discovered by Security Firm Zimperium zLabs as reported in my blog article
entitled “Security
Firm Zimperium reveals StageFright Bug – Why Automated Video Playback in
@Google @Android is a Hacker's Thermonuclear War”.
Mozilla has announced that their Firefox Browser has a
vulnerability that allows anyone to remotely steal your files as reported in
the article “Firefox
users, here's a security flaw you'll need to fix”, published August 7, 2015
by Lance Whitney, CNET News.
The hack was revealed to the Mozilla Foundation by a very
faithful user, Security researcher Cody Crews, who they tipped their hat to in
their Press Release on Thursday August 6th 2015 in the post “Same
origin violation and local file stealing via PDF reader”.
So how does this hack work in a nutshell?
Mozilla Firefox's PDF Viewer vulnerability - How to remotely hack via Mozilla Firefox Browser
Apparently a News site in Russia was able to demonstrate the
exploit, which exists in Firefox's PDF Viewer which is written with JavaScript
as explained in the article “Update
Firefox now: major vulnerability could steal your data”, published August 7
2015 by Owen Williams, The Next Web.
Theoretically, a hacker can gain access to your computer by
creating a website that has a PDF (Portable Document Format) file on it and then
sending you a link to their website.
You then click on the PDF document and Firefox's PDF
Viewer goes to work, opening the PDF document in your Firefox Browser for
viewing. However, the vulnerability that exists in the JavaScript code for
Firefox's PDF Viewer allows the hacker's website to inject an executable script,
which the JVM (Java Virtual Machine) running on your computer then executes.
In short, you merely need to visit the infected
website and download a PDF File from that hacker's website and you're infected,
not much different from the StageFright vulnerability for Google Android
smartphones as described in my blog article
entitled “Security
Firm Zimperium reveals StageFright Bug – Why Automated Video Playback in
@Google @Android is a Hacker's Thermonuclear War”.
Thus the hacker, via their website, can remotely log into your
computer and search and upload local files. But what's even more troubling is
that it works on ANY computer that has a JVM or can run it, whether Windows, Linux or Mac
OS, if the hacker is sufficiently skilled or motivated.
Luckily, the exploit can only target System Files that would
only be of concern to developers, such as FTP configuration files, subversion,
.purple and Log files with personal information on Windows and Linux computers.
Defense Against the Dark Arts - How to prevent the Firefox PDF Viewer Vulnerability
We're lucky that Security researcher Cody Crews spotted it
early and reported it to Mozilla Firefox. Albeit potentially as widespread as
the StageFright vulnerability is on Google Android, it isn't as pervasive, as
the Browser isn't baked into your Macbook Pro, Windows 8 or Ubuntu Linux
computer.
A simple upgrade to Mozilla Firefox version 39.0.3 from
38.1.1 and the application of a patch by Enterprise users can defend you from
this attack as pointed out in “Mozilla
is patching a Firefox exploit that can hijack 'sensitive local files'”,
published August 7, 2015 by Colin Lecher, The
Verge.
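To check a fleet against the 39.0.3 release named above, the following added example (not from the original post or from Mozilla) classifies the banner that `firefox --version` prints on each machine. The hostnames and banners are constructed sample data, and ESR or pre-release builds are sent for manual review because the single version number given here does not cover them.

```python
import re

# Fixed release named in the article. ESR and pre-release builds are not
# covered by that one number, so they are flagged for manual review.
FIXED_RELEASE = (39, 0, 3)

# Banner printed by `firefox --version`, e.g. "Mozilla Firefox 39.0.3"
BANNER = re.compile(r"Mozilla Firefox (\d+(?:\.\d+)*)([a-z]+\d*)?", re.I)

def classify(banner):
    """Return 'patched', 'vulnerable', 'review' or 'unparsed' for one banner."""
    m = BANNER.search(banner)
    if not m:
        return "unparsed"                    # Firefox missing or unexpected output
    if m.group(2):
        return "review"                      # "esr", "b9", ...: check by hand
    parts = [int(p) for p in m.group(1).split(".")]
    parts += [0] * (3 - len(parts))          # "39.0" -> [39, 0, 0]
    if tuple(parts[:3]) < FIXED_RELEASE:
        return "vulnerable"
    return "patched"

def audit(inventory):
    """inventory maps host -> banner string; returns host -> status."""
    return {host: classify(banner) for host, banner in inventory.items()}

# Constructed sample inventory (hostnames and banners are made up).
SAMPLE = {
    "dev-laptop-01": "Mozilla Firefox 38.0.5",
    "dev-laptop-02": "Mozilla Firefox 39.0.3",
    "build-box":     "Mozilla Firefox 38.1.0esr",
    "qa-vm":         "Mozilla Firefox 40.0b9",
    "kiosk":         "firefox: command not found",
}

if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLE).items()):
        print(f"{host:15} {status}")
```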
Also educating your staff not to click on suspicious websites
or email links as was the case in the JIS (Jamaica Information Service) hack as
explained in my blog
article entitled “Anatomy
of ISIS hack of the JIS Website - How the @JISNews Website was hacked and Why
Hactivists couldn't access sensitive GOJ Databases” can prevent this
scenario from occurring.