How does the Hacking Team network malware work? How bad is it?
- To: cpunks <[email protected]>
- Subject: How does the Hacking Team network malware work? How bad is it?
- From: [email protected] (Eric Mill)
- Date: Sun, 17 Aug 2014 17:24:38 -0400
Hi,

I've read the Intercept's writeup[1], and read through Citizen Lab's
writeup[2]. I'm having trouble understanding the attack surface, and how
widely applicable the vulnerability is.

Are MS and Google targeted because of their ubiquity, or is there also
something (besides not using HTTPS) that they did to make their services
vulnerable?

How can there be a remote code vulnerability so low in the stack that it
can be injected at the packet level, but high enough that TLS encryption
foils the attack?

Does this affect Windows only? Through particular browsers?

I'm certainly up for using this as an argument for how difficult it is to
predict the severity and creativity of MITM attacks, but I would like to
better understand the magnitude of the disclosure.

Thanks,
Eric

[1] https://firstlook.org/theintercept/2014/08/15/cat-video-hack/
[2] https://citizenlab.org/2014/08/cat-video-and-the-death-of-clear-text/
--
https://konklone.com | https://twitter.com/konklone