Shocking discovery in the world of browsers: a backdoor that has been exploited for 18 years

Hackers able to access private networks via backdoors in major web browsers

A vulnerability in browsers has been discovered after 18 years, allowing hackers to access private networks via the IP 0.0.0.0. Apple, Google and Mozilla are responding with security measures. The risk involves sensitive data on private and development servers.

A recent study released Wednesday revealed that for 18 years, major browsers have had a backdoor that allowed hackers to access the private networks of homes and businesses. Apple, Google and Mozilla took immediate action to resolve this serious vulnerability. The issue concerns the handling of requests to the IP address 0.0.0.0 by browsers such as Chrome, Safari and Firefox. These browsers take requests to that address and redirect them to other IPs, including "localhost", which is usually a server on a private network used for testing code. Israeli cybersecurity startup Oligo found that hackers exploited this loophole by sending malicious requests to IP 0.0.0.0 to access sensitive data.

The mechanism of the "0.0.0.0-Day" attack

In a typical attack, the attacker tricks the victim into visiting a seemingly harmless website that actually sends malicious requests to access files via 0.0.0.0. This information may include developer data and internal communications. The most critical aspect of the "0.0.0.0-Day" attack is that it allows the hacker to penetrate the victim's private network, opening up multiple attack vectors. This type of attack can affect both individuals and companies hosting web servers, putting a significant number of vulnerable systems at risk. The researchers also found that it is possible to run malicious code on a server running the Ray AI framework, which companies such as Amazon and Intel use to train artificial intelligence models.
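A service that listens locally can refuse requests that arrive addressed to 0.0.0.0 or that are driven by another website, independently of any browser-side block. The Python below is an added example, not code from the article or from Oligo's research; the allow-list, port 8000, the `check_request` helper and the sample headers are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the only names under which this local-only service should be reached.
ALLOWED_HOSTS = {"localhost", "127.0.0.1", "::1"}


def _host_of(url: str) -> str:
    """Lower-cased hostname of a URL, or "" if it cannot be parsed."""
    try:
        return (urlsplit(url).hostname or "").lower()
    except ValueError:  # e.g. a malformed bracketed IPv6 literal
        return ""


def check_request(headers: dict) -> tuple:
    """Return (allowed, reason) for one incoming HTTP request's headers."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    # The Host header carries the authority the browser was told to contact,
    # so a page that fetched http://0.0.0.0:8000/ arrives with Host: 0.0.0.0:8000.
    host = _host_of("//" + h.get("host", ""))
    if host not in ALLOWED_HOSTS:
        return False, f"Host {host!r} is not an allowed local name"
    # Browsers attach Origin to cross-site fetch/POST requests; a non-local
    # origin means some other website is driving the request.
    origin = h.get("origin")
    if origin is not None and _host_of(origin) not in ALLOWED_HOSTS:
        return False, f"Origin {origin!r} is not local"
    return True, "ok"


# Constructed sample requests (not captured traffic).
SAMPLES = [
    {"Host": "0.0.0.0:8000", "Origin": "https://public-site.example"},
    {"Host": "127.0.0.1:8000", "Origin": "https://public-site.example"},
    {"Host": "[::1]:8000", "Origin": "http://localhost:3000"},
    {"Host": "localhost:8000"},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", check_request(sample))
```

A request without an Origin header is still rejected when its Host is 0.0.0.0, which covers simple cross-site GETs that carry no Origin.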

Reactions from big tech companies

Attacks exploiting this vulnerability have already been documented. For example, in June of this year, Google security developer David Adrian reported several incidents of malware that exploited the 0.0.0.0 IP address to attack development tools. Fortunately, Windows systems are not vulnerable thanks to the 0.0.0.0 IP blocking implemented by Microsoft. Apple has announced that it will block all requests to the 0.0.0.0 IP address in the upcoming macOS 15 Sequoia beta, aiming to improve the security of the operating system. Google also plans to introduce a similar block, although there are no official comments on the matter yet.

Implications and future prospects

Mozilla, creator of Firefox, has for the moment avoided adopting a similar measure, citing potential compatibility problems, since some servers use the 0.0.0.0 address instead of localhost and blocking it could cause disruptions. These incidents highlight how cybersecurity and personal data protection are increasingly becoming a priority for large technology companies. The researchers insist that the risk associated with open access to IP 0.0.0.0 is significant, as it allows access to data that should be protected. The results of this research will be presented at the DEF CON conference in Las Vegas, scheduled for this weekend.

08/08/2024 14:11

Marco Verro
